{"id":4960,"date":"2019-01-30T14:14:44","date_gmt":"2019-01-30T22:14:44","guid":{"rendered":"http:\/\/3.209.169.194\/blogs\/paul\/?p=4960"},"modified":"2019-01-30T14:14:44","modified_gmt":"2019-01-30T22:14:44","slug":"changing-the-ssh-port-for-a-rhel-azure-vm","status":"publish","type":"post","link":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/","title":{"rendered":"Changing the SSH port for a RHEL Azure VM"},"content":{"rendered":"<p style=\"text-align: justify;\">I&#8217;m working with Red Hat Enterprise Linux (RHEL) VMs on Azure and one of the best practices that Microsoft recommends is to change the default SSH port from 22 to something else. I was looking for a consolidated set of instructions to do this and I couldn&#8217;t find one, so I thought I&#8217;d do a quick post on it.<\/p>\n<p style=\"text-align: justify;\">The steps that need to be performed are:<\/p>\n<ul>\n<li>Allow the new port in the RHEL firewall<\/li>\n<li>Change the SSH daemon to listen on\u00a0the new port<\/li>\n<li>Add an incoming rule in the VM network security group for the new port<\/li>\n<li>Remove the rule that allows port 22<\/li>\n<\/ul>\n<p>Changing the SSH port has to be done after creating the VM, as the SSH daemon is set up to listen on port 22 by default, so as part of the VM configuration, make sure to allow port 22 to be opened. Once the VM is created and running, connect to it using your favorite SSH client.<\/p>\n<p>Let&#8217;s choose port 52019 to use instead of 22.<\/p>\n<p>To allow the port in the RHEL firewall:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\nsudo firewall-cmd --permanent --zone=public --add-port=52019\/tcp\r\nsudo firewall-cmd --reload\r\n<\/pre>\n<p>You should see a &#8216;Success&#8217; message after each of these commands, and you can double check that the firewall rule was added using:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\nsudo iptables-save | grep '52019'\r\n<\/pre>\n<p>And you should see:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\n-A IN_public_allow -p tcp -m tcp --dport 52019 -m conntrack --ctstate NEW -j ACCEPT\r\n<\/pre>\n<p>To change the SSH daemon to use port 52019 we need to change it&#8217;s configuration and restart it. Edit the config file using:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\nsudo vi \/etc\/ssh\/sshd_config\r\n<\/pre>\n<p>Now vi is not very user friendly, but it&#8217;s easy once you learn it. Use the down arrow so your cursor is over the # at the start of the line that says:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\n#Port 22\r\n<\/pre>\n<p>Hit your Insert key until the word REPLACE shows at the bottom of the SSH window. Then type:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\nPort 52019\r\n<\/pre>\n<p>Now hit Esc then :w and then Esc then :q to write the file and exit.<\/p>\n<p>To restart the SSH daemon:<\/p>\n<pre class=\"brush: plain; gutter: false; title: ; toolbar: true; wrap-lines: true; notranslate\" title=\"\">\r\nsudo service sshd restart\r\n<\/pre>\n<p style=\"text-align: justify;\">Now go into the Azure Portal and for that VM:<\/p>\n<ul style=\"text-align: justify;\">\n<li>Click Networking in the Settings pane and click the blue &#8216;Add inbound port rule&#8217; button on the right<\/li>\n<li>In the wizard that comes up, change the &#8216;Destination port ranges&#8217; to 52019 and the &#8216;Name&#8217; to something like &#8216;IncomingSSH&#8217;<\/li>\n<li>Click the blue &#8216;Add&#8217; button<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">Once the rule has been added, you should be able to create a new SSH connection to the VM using port 52019. Once you&#8217;ve done that, drop the initial SSH connection that&#8217;s still using port 22\u00a0by going back to the Networking tab in the Azure Portal, finding the existing rule for port 22, click the &#8216;&#8230;&#8217; on the right and selecting Delete.<\/p>\n<p style=\"text-align: justify;\">Hope this helps anyone else looking for concise instructions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;m working with Red Hat Enterprise Linux (RHEL) VMs on Azure and one of the best practices that Microsoft recommends is to change the default SSH port from 22 to something else. I was looking for a consolidated set of instructions to do this and I couldn&#8217;t find one, so I thought I&#8217;d do a [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[109,112],"tags":[],"class_list":["post-4960","post","type-post","status-publish","format-standard","hentry","category-azure","category-linux"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Changing the SSH port for a RHEL Azure VM - Paul S. Randal<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Changing the SSH port for a RHEL Azure VM - Paul S. Randal\" \/>\n<meta property=\"og:description\" content=\"I&#8217;m working with Red Hat Enterprise Linux (RHEL) VMs on Azure and one of the best practices that Microsoft recommends is to change the default SSH port from 22 to something else. I was looking for a consolidated set of instructions to do this and I couldn&#8217;t find one, so I thought I&#8217;d do a [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/\" \/>\n<meta property=\"og:site_name\" content=\"Paul S. Randal\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-30T22:14:44+00:00\" \/>\n<meta name=\"author\" content=\"Paul Randal\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Paul Randal\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/\",\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/\",\"name\":\"Changing the SSH port for a RHEL Azure VM - Paul S. Randal\",\"isPartOf\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#website\"},\"datePublished\":\"2019-01-30T22:14:44+00:00\",\"author\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Changing the SSH port for a RHEL Azure VM\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#website\",\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/\",\"name\":\"Paul S. Randal\",\"description\":\"In Recovery...\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce\",\"name\":\"Paul Randal\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g\",\"caption\":\"Paul Randal\"},\"sameAs\":[\"http:\/\/3.209.169.194\/blogs\/paul\"],\"url\":\"https:\/\/www.sqlskills.com\/blogs\/paul\/author\/paul\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Changing the SSH port for a RHEL Azure VM - Paul S. Randal","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/","og_locale":"en_US","og_type":"article","og_title":"Changing the SSH port for a RHEL Azure VM - Paul S. Randal","og_description":"I&#8217;m working with Red Hat Enterprise Linux (RHEL) VMs on Azure and one of the best practices that Microsoft recommends is to change the default SSH port from 22 to something else. I was looking for a consolidated set of instructions to do this and I couldn&#8217;t find one, so I thought I&#8217;d do a [&hellip;]","og_url":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/","og_site_name":"Paul S. Randal","article_published_time":"2019-01-30T22:14:44+00:00","author":"Paul Randal","twitter_misc":{"Written by":"Paul Randal","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/","url":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/","name":"Changing the SSH port for a RHEL Azure VM - Paul S. Randal","isPartOf":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#website"},"datePublished":"2019-01-30T22:14:44+00:00","author":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce"},"breadcrumb":{"@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/changing-the-ssh-port-for-a-rhel-azure-vm\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sqlskills.com\/blogs\/paul\/"},{"@type":"ListItem","position":2,"name":"Changing the SSH port for a RHEL Azure VM"}]},{"@type":"WebSite","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#website","url":"https:\/\/www.sqlskills.com\/blogs\/paul\/","name":"Paul S. Randal","description":"In Recovery...","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sqlskills.com\/blogs\/paul\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/ffcec826c18782e1e0adf173826a7fce","name":"Paul Randal","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sqlskills.com\/blogs\/paul\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0b6a266bba2f088f2551ef529293001bd73bf026bc1908b9866728c062beeeb6?s=96&d=mm&r=g","caption":"Paul Randal"},"sameAs":["http:\/\/3.209.169.194\/blogs\/paul"],"url":"https:\/\/www.sqlskills.com\/blogs\/paul\/author\/paul\/"}]}},"_links":{"self":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts\/4960","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/comments?post=4960"}],"version-history":[{"count":0,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/posts\/4960\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/media?parent=4960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/categories?post=4960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sqlskills.com\/blogs\/paul\/wp-json\/wp\/v2\/tags?post=4960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}