Changing the default SSH port on Oracle Linux can enhance your server’s security by minimizing the number of automated brute force and botnet attacks. In this comprehensive guide, we will walk you through the process of how to change the SSH port on your Oracle Linux server. We will also cover some essential security measures to further secure your server.
Why Change the Default SSH Port?
The default SSH port (22) is well-known, and attackers often target this port when attempting to gain unauthorized access to a server. By changing the default SSH port, you make it more difficult for attackers to find the port through automated scans. This is not a foolproof security measure, but it is an additional layer of protection that complements other security best practices.
Before proceeding, ensure that you have the following:
- Oracle Linux server: This guide is tailored for Oracle Linux, but the steps are similar for other Linux distributions.
- Root access: You need root access or a user with sudo privileges to change the SSH port.
- SSH client: You’ll need an SSH client to connect to your server.
How to Change SSH Port on Oracle Linux
Backup the SSH Configuration File
Before making any changes to your server’s configuration, it’s essential to create a backup. This allows you to revert to the previous settings if anything goes wrong.
To backup the SSH configuration file, run the following command:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
Edit the SSH Configuration File on Oracle Linux
Now, let’s change the SSH port by editing the configuration file. Open the file using a text editor such as nano or vim:
sudo nano /etc/ssh/sshd_config
Find the line that starts with
#Port 22. Remove the
# symbol to uncomment the line, and change the port number to a custom value (e.g., 2222). Make sure to choose a port number above 1024 and not currently in use by other services.
Save the file and exit the editor.
Configure the Firewall
Update your firewall rules to allow incoming connections on the new SSH port. If you’re using the default firewalld, run the following command, replacing
2222 with your custom port number:
sudo firewall-cmd --permanent --zone=public --add-port=2222/tcp sudo firewall-cmd --reload
If you’re using ConfigServer Security & Firewall (CSF), edit the
/etc/csf/csf.conf file and add your new port to the
TCP_OUT lines. Save the changes and restart CSF with
sudo csf -r.
Restart the SSH Service
Apply the new configuration by restarting the SSH service:
sudo systemctl restart sshd
Test the New SSH Port
Before closing your current SSH session, open a new terminal and test the connection using the new port:
ssh -p 2222 your_username@your_server_ip
If the connection is successful, you have successfully changed the SSH port on your Oracle Linux server.
Additional Security Measures
To further secure your server, consider implementing the following measures:
- Install and configure Fail2ban
- Disable password authentication and use SSH keys
- Disable root login
- Enable two-factor authentication (2FA)
- Regularly update your server
In this guide, we showed you how to change the SSH port on Oracle Linux to enhance your server’s security. Changing the default SSH port is a simple yet effective way to reduce the risk of automated attacks on your server. Remember to combine this technique with other security best practices to ensure that your server remains safe from unauthorized access.
Now that you’ve successfully changed the SSH port on your Oracle Linux server, you may want to explore other tutorials to improve your server management skills:
- How to Install Git on Oracle Linux
- How to Install Let’s Encrypt on Oracle Linux
- How to Install PHP on Oracle Linux
- How to Install Unzip on Oracle Linux
- How to Set Up a MySQL Database Server on Oracle Linux
Remember, staying informed and following best practices is crucial for maintaining a secure and reliable server environment. Happy server management!