Learn How To Change SSH Port On CoreOS

September 19, 2019

Table of Contents

Changing your SSH port can help prevent security issues. In this guide, you’ll learn how to can change the SSH port on CoreOS.

Step 1: Changing the SSH port

We can change the SSH port by modifying settings in the /usr/lib/systemd/system/sshd.socket file. Open this file with a text editor:

vi /usr/lib/systemd/system/sshd.socket

Find the ListenStream option and change the port to your new desired SSH port. Save the file.

Step 2: Restarting SSH

If you are running a firewall on your CoreOS server, remember to allow yourself access with the new SSH port.

Restart the SSH daemon using systemctl:

systemctl restart sshd.socket

The SSH server has been restarted and is now listening on the new port.

If you can no longer log into SSH, use the online console at My IT Web Services to troubleshoot the issue. As previously mentioned, this can happen if you have forgotten to open the new SSH port in the system firewall.

Optional: Disable SSH access for the root user

In addition to changing the SSH port, disabling access for the root user over SSH is also a good security measure.

Step 1: Disabling root user access

Open the /etc/ssh/sshd_config config file with an editor:

vi /etc/ssh/sshd_config

Change the value of PermitRootLogin from yes to no. Save the file

Step 2: Restarting SSH

Restart the SSH daemon again with systemctl:

systemctl restart sshd.socket

SSH attempts as the root user to your server will now be denied.

Need help?

Do you need help setting up this on your own service?
Please contact us and we’ll provide you the best possible quote!