Notice: This tutorial ONLY applies to CentOS Linux. The commands will be some slight differences among different Linux-based systems.

CentOS

1. Backup SSH configuration file

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

2. Edit configuration file

vi /etc/ssh/sshd_config

To prevent possible failure to log in due to incorrect updates. We should keep port 22 open until the new port is functionally normal.

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 22
Port 10022
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Then, save the configuration file.

3. Add the new port to the SELINUX firewall

Install SEManage

yum -y install policycoreutils-python

Add the new port through SEManage

semanage port -a -t ssh_port_t -p tcp 10022

4. Accept new SSH port traffic in the firewall

Accept new SSH port traffic

firewall-cmd --permanent --zone=public --add-port=10022/tcp

Check the firewall status

firewall-cmd --state

5. Reload the firewall

firewall-cmd --reload

6. Restart, then check the SSH service status

systemctl restart sshd
systemctl status sshd
ss -tnlp | grep ssh

7. Try to log into the server through the new port. If it works properly, disable the original SSH port.

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.America/Phoenix
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
# Port 22
Port 10022
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

8. Restart SSH service

systemctl restart sshd