How To Change SSH Port On CoreOS

Changing your SSH port can help prevent security issues. In this guide, you’ll learn how to can change the SSH port on CoreOS.

Step 1: Changing the SSH port

We can change the SSH port by modifying settings in the /usr/lib/systemd/system/sshd.socket file. Open this file with a text editor:

vi /usr/lib/systemd/system/sshd.socket

Find the ListenStream option and change the port to your new desired SSH port. Save the file.

Step 2: Restarting SSH

If you are running a firewall on your CoreOS server, remember to allow yourself access with the new SSH port.

Restart the SSH daemon using systemctl:

systemctl restart sshd.socket

The SSH server has been restarted and is now listening on the new port.

If you can no longer log into SSH, use the online console at My Vultr to troubleshoot the issue. As previously mentioned, this can happen if you have forgotten to open the new SSH port in the system firewall.

Optional: Disable SSH access for the root user

In addition to changing the SSH port, disabling access for the root user over SSH is also a good security measure.

Step 1: Disabling root user access

Open the /etc/ssh/sshd_config config file with an editor:

vi /etc/ssh/sshd_config

Change the value of PermitRootLogin from yes to no. Save the file

Step 2: Restarting SSH

Restart the SSH daemon again with systemctl:

systemctl restart sshd.socket

SSH attempts as the root user to your server will now be denied.