Change the default port the SSH daemon is running on.
This is guide is intended to be complete in order to run a setup a complete GitLab environment.
Why
Why do we want to change the default port the SSH daemon is running on ?
- Security; when we are exposing our SSH daemon to the internet we don't want it to be visible to the outside world on the default port.
GitLab
allows repository access over SSH, so by moving the default SSH daemon to a different port, port 22 becomes available to be used byGitLab
for remote access.
Prerequisites
For this guide we will assume the SHS daemon is already installed.
Guide
- Login to your server with SSH
- Switch to a
root
promptsudo su -
- Open your SSH daemon configuration with vi
vi /etc/ssh/sshd_config
- When opening a file in
vi
we are in what's called theCommand Mode
this allows us to givevi
commands and to move around in the file
Type:/Port<ENTER>
This will move your cursor to the line starting withPort
- If the line starts with
#
then the port configuration is not active meaning that the daemon will default to port22
.
We are assuming that with the previous command in step 4 the cursor is now highlighting theP
. - In order to remove the
#
is present on the line, type:h
, this will move the cursor one to the left, and the#
is now highlighted by the cursor.
Type:x
to remove the character. - In order to change the port type:
<SHIFT>A
This will move the cursor to the end of the line and go intoEdit Mode
This can be verified by the bottom of your screen, it should say:-- INSERT --
- Now we can change the port to
32
. Use backspace and change the port to32
. - The line should now read:
Port 32
In order to save the changes we need to go back intoCommand Mode
.
This is done by pressing<ESC>
.
At the bottom the next-- INSERT --
should no longer be present.
In order to save the file we type::wq!
Command Explaination:?:
->Command
w
-> Writeq
-> Quit!
-> Don't ask for confirmation - Restart the SSH daemon
systemctl service sshd restart
- You can now reconnect to your server with
ssh user@host -p 32