Changing the Default SSH Port (Linux / CentOS)

SSH is one of the most commonly attacked services as it provides easy access to full control of a dedicated server. Changing the default SSH port will help prevent an attacker from launching brute force attacks to the default port.
 
**Change "someportnumber" to a new port number that is not in use for other services.
 
1. Login to your server as root
2. Within the command line, execute the command line 'nano /etc/sysconfig/iptables' to edit the IPTables configuration file.
    Add the following line to the configuration file: '-A INPUT -m state --state NEW -m tcp -p tcp --dport someportnumber -j ACCEPT' directly below line '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' in the configuration file.
    Save and exit by holding down 'ctrl' and 'x'
3. Within the command line run the command 'service iptables restart' to restart the IPTables service
4. Run the command 'service iptables status' to see if the new rule has been applied (optional)
5. Edit the SSH configuration file with the command 'nano /etc/ssh/sshd_config'
    Modify the line '#port 22' by removing '#' and replacing '22' to your new desired port number we opened on the IPTables configuration.
    Save and exit by holding down 'ctrl' and 'x'
6. Within the command line, execute 'service sshd restart' to restart the SSH service. 
7. If you can still access the command line, type 'ss -tnlp | grep ssh' to verify SSH is listening on the new port. (optional)
8. Connect to the server via SSH using the new port you selected.
9. Run the command 'nano /etc/sysconfig/iptables' to edit the IPTables configuration file again.
    Comment out line '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' by adding '#' in the beginning of the line to block all connectivity to port 22.
    Save and exit by holding down 'ctrl' and 'x'
10. Execute the command 'service iptables restart' to restart the IPTables service
 
 
  • 0 Uživatelům pomohlo
Byla tato odpověď nápomocná?

Související články

Changing the Default SSH Port (Linux / Ubuntu / Debian)

SSH is one of the most commonly attacked services as it provides easy access to full control of a...

Disable Recursive DNS (Linux / Windows)

DNS is used to translate hostnames into IP addresses. When DNS servers are misconfigured, they...

Disabling SSDP (Linux / Windows)

SSDP is used by some consumer-level equipment for network discovery.  It does not have any real...

Enabling and basic configuration of the firewall settings (Linux / Ubuntu)

Enabling the firewall will help you protect your dedicated server from unwanted connections to...

Securing NTP (Linux Only)

NTP is used for ensuring the time on your dedicated server is accurate. Some configurations of...

Powered by WHMCompleteSolution