- The external sshd processes are controlled by xinetd and running in parallel to the internal sshd process. In the following example I use the port 12345: You are free to change this to any available free port number on your system. Maybe a higher value will make it also a bit more unlikely that this port is scanned by a 'quick port scan'.
- Since openssh-5.3p1-117.el6.x86_64 for separating the ssh and sftp port on the CentOS/RHEL systems, make changes to the /etc/ssh/sshd_config file and add the following modifications. # vi /etc/ssh/sshd_config Port 22 Port 2222. Comment the default subsystem and add the.
- Edit sshd-second_config to assign a different port number. Use Port keyword to achieve that. See sshd_config(5) for documentation on these keywords. Make sure this port is.
By default, only one port (port number 22) is enabled as the ssh/scp port in Linux.
For full details of the options, and their values, see sshd_config(5). -p port: Specifies the port on which the server listens for connections (default 22). Multiple port options are permitted. Ports specified in the configuration file with.
To enable multiple ssh ports, edit the /etc/ssh/sshd_config file.
Open /etc/ssh/sshd_config with any editor and search for the line Port 22. Below this line, add the new port that you want to use.
Example: to use 12345 as another ssh port, add it as shown below.
Save and exit the /etc/ssh/sshd_config file.
Restart the sshd service with the following command:
After restarting the sshd service, try to log in over ssh on the new port 12345; it should work.
You can also check the list of ports opened for ssh using the following command; you should see ports 22 and 12345 in the output:
Output:
Sshd Multiple Ports
Occasionally you may find yourself using a network behind a firewall that doesn’t allow outgoing TCP connections with a destination port of 22, meaning you’re unable to connect to your OpenSSH server, perhaps to take advantage of a SOCKS proxy for encrypted and unfiltered web browsing.
Since these restricted networks almost always allow port 443 out, since it’s the destination port for outgoing HTTPS requests, an easy workaround is to have your OpenSSH server listen on port 443 if it isn’t already using the port.
This is sometimes given as a rationale for changing the sshd port completely, but you don’t need to do that; you can simply add another Port directive to sshd_config(5):
After restarting the OpenSSH server with this new line in place, you can verify that it’s listening with ss(8) or netstat(8).
You’ll then be able to connect to the server on port 443, the same way you would on port 22. If you intend this setup to be permanent, it would be a good idea to save the configuration in your ssh_config(5) file, or whichever SSH client you happen to use.
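The edit described in both walkthroughs above (an extra port such as 12345, or 443 for restrictive networks), as an added shell example that is not from the original page: it adds Port lines to a config file without dropping port 22 and lists the ports that result. The function names add_sshd_port, sshd_ports and demo_conf and the sample config are constructed for illustration, and it assumes ports are set only through Port lines in this one file (no ListenAddress host:port entries, no included snippets).

```sh
# Added example; function names and the sample config are constructed.

# List the ports configured by active Port lines in config file $1.
# With no active Port line, sshd uses its built-in default, 22.
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }' "$1" |
        sort -n | xargs
}

# Add "Port $2" to config file $1, idempotently.
add_sshd_port() {
    conf=$1 new=$2
    case $new in ''|*[!0-9]*|??????*) echo "bad port: $new" >&2; return 1 ;; esac
    if [ "$new" -lt 1 ] || [ "$new" -gt 65535 ]; then echo "bad port: $new" >&2; return 1; fi
    for p in $(sshd_ports "$conf"); do
        if [ "$p" -eq "$new" ]; then return 0; fi   # already configured
    done
    tmp=$(mktemp) || return 1
    {
        # Stock configs ship "#Port 22" commented out. The first active Port
        # line replaces the implicit default, so pin 22 explicitly or the
        # server stops listening there after the restart.
        grep -qiE '^[[:space:]]*port[[:space:]]' "$conf" || echo 'Port 22'
        echo "Port $new"
        # Prepend rather than append: Port is not valid inside a Match block,
        # and Match blocks run to the end of the file.
        cat "$conf"
    } > "$tmp" && cat "$tmp" > "$conf"   # cat keeps the file's owner and mode
    rm -f "$tmp"
}

# Constructed sample resembling a stock sshd_config; prints the temp file path.
demo_conf() {
    f=$(mktemp) || return 1
    printf '%s\n' '#Port 22' 'PermitRootLogin no' \
        'Match User backup' '    ForceCommand internal-sftp' > "$f"
    echo "$f"
}

demo=$(demo_conf)
add_sshd_port "$demo" 12345
add_sshd_port "$demo" 443
sshd_ports "$demo"    # 22 443 12345
rm -f "$demo"

# On the server, after the same edit to /etc/ssh/sshd_config:
#   sshd -t                  # validate the file before restarting
#   systemctl restart sshd   # the unit is "ssh" on Debian/Ubuntu
#   ss -tlnp | grep sshd     # one listener per configured port
```

Keep the existing SSH session open until a login on the new port succeeds. On SELinux-enforcing CentOS/RHEL systems the new port also has to be labelled, for example with `semanage port -a -t ssh_port_t -p tcp 12345`, and allowed through the host firewall.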