Change ssh port, CentOS 8

CentOS supports firewall-cmd and SELinux, and this environment is not easy to understand.
Changing the ssh port itself is very easy!
Edit /etc/ssh/sshd_config. Find “# Port 22” and change it to “Port xxxx” (xxxx is the port number you specify).

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port xxxx <--- Change your specified port number.
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

If you execute “sudo systemctl restart sshd.service” now, you will get error messages. Execute “sudo systemctl status sshd.service” to see them:

 sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Sat 2019-12-07 20:37:23 EST; 33s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 3016 ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY (code=exited, status=255)
 Main PID: 3016 (code=exited, status=255)

Dec 07 20:37:23 red systemd[1]: sshd.service: Failed with result 'exit-code'.
Dec 07 20:37:23 red systemd[1]: Failed to start OpenSSH server daemon.

You have to do 2 things.

  1. Redefine the ssh service for the firewall.
  2. Configure SELinux.

 

Step 1: Edit /usr/lib/firewalld/services/ssh.xml

<service>
<short>SSH</short>
<description>Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.</description>
<port protocol="tcp" port="22"/> <!-- Change to your specified port number. -->
</service>

Step 2: Execute the following command.

  • semanage port -a -t ssh_port_t -p tcp xxxx <--- Change your specified port number.

 

Check the settings and restart openssh-server!
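
Added example, not from the original post: a pre-restart check that compares the Port in sshd_config with the tcp ports SELinux labels ssh_port_t and the tcp ports in the firewalld service file. Port 2222, the function names and the sample files are constructed for illustration; on a real host, pass /etc/ssh/sshd_config, a saved `semanage port -l` listing and the ssh.xml you edited.

```sh
#!/bin/sh
# Added example: check that the sshd port is allowed by SELinux and firewalld.

# Ports set by active (uncommented) Port directives; sshd defaults to 22.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    echo "${ports:-22}"
}

# tcp ports labelled ssh_port_t, parsed from `semanage port -l` output on stdin.
selinux_ssh_ports() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(/,/, "", $i); print $i }
    }'
}

# tcp ports declared in a firewalld service XML file.
firewalld_ports() {
    grep -o '<port [^>]*>' "$1" | grep 'protocol="tcp"' |
        sed 's/.*port="\([0-9]*\)".*/\1/'
}

# Args: sshd_config, saved `semanage port -l` listing, service XML.
# Returns 0 only when every sshd port passes both checks.
check_ssh_port() {
    rc=0
    for p in $(sshd_ports "$1"); do
        selinux_ssh_ports < "$2" | grep -qx "$p" ||
            { echo "port $p: missing from ssh_port_t"; rc=1; }
        firewalld_ports "$3" | grep -qx "$p" ||
            { echo "port $p: missing from $3"; rc=1; }
    done
    return "$rc"
}

# Constructed sample inputs (port 2222 is an assumption, not from the page).
demo_dir=$(mktemp -d)
printf '#Port 22\nPort 2222\n#AddressFamily any\n' > "$demo_dir/sshd_config"
printf 'ssh_port_t                     tcp      22\n' > "$demo_dir/semanage_before"
printf 'ssh_port_t                     tcp      2222, 22\n' > "$demo_dir/semanage_after"
printf '<service>\n<port protocol="tcp" port="2222"/>\n</service>\n' > "$demo_dir/ssh.xml"

check_ssh_port "$demo_dir/sshd_config" "$demo_dir/semanage_before" "$demo_dir/ssh.xml" ||
    echo "fix the reported items before restarting sshd"
check_ssh_port "$demo_dir/sshd_config" "$demo_dir/semanage_after" "$demo_dir/ssh.xml" &&
    echo "safe to restart sshd"
```

Point the third argument at whichever ssh.xml firewalld actually loads: a copy in /etc/firewalld/services/ overrides the one in /usr/lib/firewalld/services/.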