Changing the server port is a common administrative task that can enhance security and tailor services to specific needs. This article provides a detailed guide on how to change the server port in CentOS 7, focusing on changing the port for SSH, which is often the first line of defense against unauthorized access.
Prerequisites
Before starting the process, ensure you have:
- Access to the CentOS 7 server as root or a user with sudo privileges.
- Basic knowledge of working with the Linux command line.
Steps to Change the SSH Port
1. Backup the Configuration File
Before making any changes, it is a good practice to back up the current SSH configuration file:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
2. Edit the SSH Configuration File
Open the SSH configuration file using a text editor such as vi or nano:
sudo vi /etc/ssh/sshd_config
Find the line that starts with #Port 22, uncomment it (by removing the #), and change the port number to the desired port. For example:
Port 2222
3. Allow the New Port in the Firewall
After modifying the configuration file, you need to allow the new port in the firewall. If you are using firewalld, proceed as follows:
sudo firewall-cmd --permanent --add-port=2222/tcp
sudo firewall-cmd --reload
4. Restart the SSH Service
To apply the changes, restart the SSH service:
sudo systemctl restart sshd
5. Test the New Port
Now test whether you can access the server using the new port. Open a new terminal and connect to the server using the new port:
ssh -p 2222 user@your_centos7_server
Ensure that the connection works correctly. If it does not, review the steps to ensure no important steps were missed.
6. Disable the Old Port (Optional)
After successfully connecting using the new port, you can optionally disable the old port in the firewall:
sudo firewall-cmd --permanent --remove-port=22/tcp
sudo firewall-cmd --reload
Changing the server port, especially SSH, on CentOS 7 can enhance security and help tailor the server configuration to your specific needs. This guide takes you through the entire process step-by-step, from editing the configuration file to testing the new port. By following these steps, you ensure that your server remains secure and properly configured.
