How To Change SSH Port On CoreOS

Changing your SSH port can help prevent security issues. In this guide, you’ll learn how to can change the SSH port on CoreOS.

Step 1: Changing the SSH port #

We can change the SSH port by modifying settings in the /usr/lib/systemd/system/sshd.socket file. Open this file with a text editor:

vi /usr/lib/systemd/system/sshd.socket

Find the ListenStream option and change the port to your new desired SSH port. Save the file.

Step 2: Restarting SSH #

If you are running a firewall on your CoreOS server, remember to allow yourself access with the new SSH port.

Restart the SSH daemon using systemctl:

systemctl restart sshd.socket

The SSH server has been restarted and is now listening on the new port.

If you can no longer log into SSH, use the online console at My OneHost Cloud to troubleshoot the issue. As previously mentioned, this can happen if you have forgotten to open the new SSH port in the system firewall.

Optional: Disable SSH access for the root user #

In addition to changing the SSH port, disabling access for the root user over SSH is also a good security measure.

Step 1: Disabling root user access #

Open the /etc/ssh/sshd_config config file with an editor:

vi /etc/ssh/sshd_config

Change the value of PermitRootLogin from yes to no. Save the file

Step 2: Restarting SSH #

Restart the SSH daemon again with systemctl:

systemctl restart sshd.socket

SSH attempts as the root user to your server will now be denied.

Powered by BetterDocs