CentOS ships with firewalld (firewall-cmd) and SELinux, and that environment is not easy to understand.
Changing the SSH port itself is very easy!
Edit /etc/ssh/sshd_config. Find "#Port 22" and change it to "Port xxxx" (xxxx is the port number you choose).
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port xxxx <--- Replace xxxx with your chosen port number.
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
If you now execute "sudo systemctl restart sshd.service", you will get error messages. Execute "sudo systemctl status sshd.service" to see them:
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sat 2019-12-07 20:37:23 EST; 33s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 3016 ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY (code=exited, status=255)
Main PID: 3016 (code=exited, status=255)
Dec 07 20:37:23 red systemd[1]: sshd.service: Failed with result 'exit-code'.
Dec 07 20:37:23 red systemd[1]: Failed to start OpenSSH server daemon.
You have to do 2 things.
- Redefine the ssh service for firewalld.
- Update the SELinux setting.
Step 1: Edit /usr/lib/firewalld/services/ssh.xml
<service>
<short>SSH</short>
<description>Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.</description>
<port protocol="tcp" port="22"/> <!-- Change 22 to your chosen port number. -->
</service>
Step 2: Execute the following command.
# semanage port -a -t ssh_port_t -p tcp xxxx <--- Replace xxxx with your chosen port number.
Check the settings, then restart openssh-server!
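
For the "check" part, the following is an added example, not part of the original post: a small shell check that the port in sshd_config is also labeled ssh_port_t in SELinux and opened by the firewalld ssh service. The function names are hypothetical, 2222 is a constructed stand-in for xxxx, and the sample inputs are constructed.

```shell
# Added example (not from the original post): check that sshd_config, the SELinux
# ssh_port_t label and the firewalld ssh service all agree on the SSH port.

# Ports sshd will listen on, from sshd_config text on stdin (22 if no Port line).
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }'
}

# TCP ports labeled ssh_port_t, from `semanage port -l` output on stdin.
selinux_ssh_ports() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(",", "", $i); print $i } }'
}

# TCP ports opened by the firewalld service definition (ssh.xml) on stdin.
# Assumes the attribute order (protocol, then port) shown in the post.
firewalld_ssh_ports() {
    sed -n 's/.*<port protocol="tcp" port="\([0-9][0-9]*\)".*/\1/p'
}

# check_ssh_port CONFIG SEMANAGE_OUTPUT SSH_XML
# Prints one finding per mismatch; returns 0 only if every sshd port is covered.
check_ssh_port() {
    se=" $(printf '%s\n' "$2" | selinux_ssh_ports | tr '\n' ' ')"
    fw=" $(printf '%s\n' "$3" | firewalld_ssh_ports | tr '\n' ' ')"
    rc=0
    for p in $(printf '%s\n' "$1" | sshd_ports); do
        case "$se" in *" $p "*) ;; *) echo "port $p: not labeled ssh_port_t"; rc=1 ;; esac
        case "$fw" in *" $p "*) ;; *) echo "port $p: not in firewalld ssh service"; rc=1 ;; esac
    done
    return $rc
}

# Constructed sample inputs; 2222 stands in for the post's xxxx.
CFG='#Port 22
Port 2222
#AddressFamily any'
SE_BEFORE='ssh_port_t                     tcp      22'
SE_AFTER='ssh_port_t                     tcp      2222, 22'
FW_BEFORE='<service><port protocol="tcp" port="22"/></service>'
FW_AFTER='<service><port protocol="tcp" port="2222"/></service>'

check_ssh_port "$CFG" "$SE_BEFORE" "$FW_BEFORE" || echo "=> fix before restarting sshd"
check_ssh_port "$CFG" "$SE_AFTER" "$FW_AFTER" && echo "=> consistent"

# On a real host (as root):
# check_ssh_port "$(cat /etc/ssh/sshd_config)" "$(semanage port -l)" \
#     "$(cat /usr/lib/firewalld/services/ssh.xml)"
```

The first call reports both missing pieces, which is the state that produces the failed restart shown above; the second passes once Step 1 and Step 2 are done.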