~ overflow ~

Problem:

how to change sshd port in order to avoid script kiddies attacks and lower your cpu usage (brute force password attacks)

Solution:

vi /etc/ssh/sshd_config

change Port XX value

service sshd restart

Now you should test ssh with the new port, i don’t need to say that you shouldn’t disconnect the first session in case something goes wrong.

If the ssh don’t work for you on the new port you probably got selinux rule for the ssh enabled, to check try this:

semanage port -l | grep ssh

if you have the selinux rule enabled for ssh, this command will return this:

ssh_port_t                     tcp      22

now we should add a new rule (since it’s impossible to remove the default one) for the ssh, allow it to listen on a different port of your choice:

semanage port -a -t ssh_port_t -p tcp ####

where #### is the port you configurated for sshd (doh!)

then now all you have to do is restart sshd and done!