How to change SSH Port Number in RHEL 8.1

Check the installed OpenSSH packages

[root@lab ~]# rpm -qa openssh*
openssh-8.0p1-3.el8.x86_64
openssh-ldap-8.0p1-3.el8.x86_64
openssh-server-8.0p1-3.el8.x86_64
openssh-clients-8.0p1-3.el8.x86_64
openssh-keycat-8.0p1-3.el8.x86_64
openssh-askpass-8.0p1-3.el8.x86_64
openssh-cavs-8.0p1-3.el8.x86_64

Check the SSH Service Status

[root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2020-10-25 10:12:37 +03; 1h 19min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 7204 (sshd)
    Tasks: 1 (limit: 11337)
   Memory: 7.1M
   CGroup: /system.slice/sshd.serv

Note down the port number currently in use; in my case it's 22.

[root@lab ~]# netstat -lnptu | grep "ssh"
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      7204/sshd
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      6895/sshd: root@pts
tcp        0      0 127.0.0.1:6011          0.0.0.0:*               LISTEN      7216/sshd: root@pts
tcp6       0      0 :::22                   :::*                    LISTEN      7204/sshd
tcp6       0      0 ::1:6010                :::*                    LISTEN      6895/sshd: root@pts
tcp6       0      0 ::1:6011                :::*                    LISTEN      7216/sshd: root@pts
[root@lab ~]#

Check the configuration files of the SSH server

[root@lab ~]# rpm -qc openssh-server-8.0p1-3.el8.x86_64
/etc/pam.d/sshd
/etc/ssh/sshd_config
/etc/sysconfig/sshd
[root@lab ~]#

Open the sshd_config file and set the port to the required number

[root@lab ~]# vim /etc/ssh/sshd_config

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 22000
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
RekeyLimit default none
# System-wide Crypto policy:
# This system is following system-wide crypto policy. The changes to
# Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any
# effect here. They will be overridden by command-line options passed on
# the server start up.
# To opt out, uncomment a line with redefinition of CRYPTO_POLICY=
# variable in /etc/sysconfig/sshd to overwrite the policy.
# For more information, see manual page for update-crypto-policies(8).

Add the new port to the firewall policy and reload the firewall

[root@lab ~]# firewall-cmd --permanent --add-port=22000/tcp
Warning: ALREADY_ENABLED: 22000:tcp
success
[root@lab ~]# firewall-cmd --reload
success
[root@lab ~]#

Add the new port number to SELinux

[root@lab ~]# semanage port -a -t ssh_port_t -p tcp 22000
[root@lab ~]#

Check the ports SELinux allows for SSH

[root@lab ~]# semanage port -l | grep "ssh"
ssh_port_t tcp 22000, 22

Restart the SSHD service and check status

[root@lab ~]# systemctl restart sshd.service
[root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2020-10-25 11:49:16 +03; 9s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 8214 (sshd)
    Tasks: 1 (limit: 11337)
   Memory: 1.1M
   CGroup: /system.slice/sshd.service

Check the listening port

[root@lab ~]# netstat -lnptu | grep "ssh"
tcp        0      0 0.0.0.0:22000           0.0.0.0:*               LISTEN      8214/sshd
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      6895/sshd: root@pts
tcp        0      0 127.0.0.1:6011          0.0.0.0:*               LISTEN      7216/sshd: root@pts
tcp6       0      0 :::22000                :::*                    LISTEN      8214/sshd
tcp6       0      0 ::1:6010                :::*                    LISTEN      6895/sshd: root@pts
tcp6       0      0 ::1:6011                :::*                    LISTEN      7216/sshd: root@pts
[root@lab ~]#

Now open any SSH client and connect to the server on the new port.
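
The steps above touch three places that must agree: the Port line in sshd_config, the SELinux ssh_port_t list and the firewalld port list. The shell functions below are an added example, not part of the original post, that compare the three before sshd is restarted; the function names and the sample inputs are constructed for illustration.

```shell
# Added example (not from the original post): check that sshd_config,
# SELinux and firewalld agree on the SSH port before restarting sshd.

# Active "Port N" directives in an sshd_config file; sshd defaults to 22 if none.
sshd_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; n++ }
         END { if (!n) print 22 }' "$1"
}

# tcp ports labelled ssh_port_t, read from `semanage port -l` output on stdin.
selinux_ssh_ports() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
             for (i = 3; i <= NF; i++) { gsub(/,/, "", $i); print $i } }'
}

# tcp ports read from `firewall-cmd --list-ports` output on stdin.
firewall_tcp_ports() {
    tr ' ' '\n' | awk -F/ '$2 == "tcp" { print $1 }'
}

# check_ssh_port_change CONFIG SEMANAGE_OUTPUT FIREWALL_OUTPUT
# Prints one line per mismatch; returns 1 if any was found.
# Port 22 is not checked against --list-ports, because firewalld usually
# allows it through the predefined "ssh" service instead.
check_ssh_port_change() {
    cspc_se=$(printf '%s\n' "$2" | selinux_ssh_ports)
    cspc_fw=$(printf '%s\n' "$3" | firewall_tcp_ports)
    cspc_rc=0
    for cspc_p in $(sshd_ports "$1"); do
        if ! printf '%s\n' "$cspc_se" | grep -qx "$cspc_p"; then
            echo "port $cspc_p: not labelled ssh_port_t in SELinux"; cspc_rc=1
        fi
        if [ "$cspc_p" != 22 ] && ! printf '%s\n' "$cspc_fw" | grep -qx "$cspc_p"; then
            echo "port $cspc_p: not opened in firewalld"; cspc_rc=1
        fi
    done
    return "$cspc_rc"
}

# Constructed sample: config moved to 22000, SELinux updated, firewall not yet.
demo_cfg=$(mktemp)
printf '#Port 22\nPort 22000\nAddressFamily any\n' > "$demo_cfg"
check_ssh_port_change "$demo_cfg" "ssh_port_t tcp 22000, 22" "8080/tcp" \
    || echo "fix the items above before restarting sshd"
rm -f "$demo_cfg"
```

On a live host, call it as check_ssh_port_change /etc/ssh/sshd_config "$(semanage port -l)" "$(firewall-cmd --list-ports)", and keep the current session open until a new login on the new port succeeds.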

Thanks for visiting my blog.
