Change the default port the SSH daemon is running on.

This is guide is intended to be complete in order to run a setup a complete GitLab environment.

Why

Why do we want to change the default port the SSH daemon is running on ?

  1. Security; when we are exposing our SSH daemon to the internet we don't want it to be visible to the outside world on the default port.
  2. GitLab allows repository access over SSH, so by moving the default SSH daemon to a different port, port 22 becomes available to be used by GitLab for remote access.

Prerequisites

For this guide we will assume the SHS daemon is already installed.

Guide

  1. Login to your server with SSH
  2. Switch to a root prompt
    sudo su -
  3. Open your SSH daemon configuration with vi
    vi /etc/ssh/sshd_config
  4. When opening a file in vi we are in what's called the Command Mode this allows us to give vi commands and to move around in the file
    Type: /Port<ENTER>

    This will move your cursor to the line starting with Port
  5. If the line starts with # then the port configuration is not active meaning that the daemon will default to port 22.

    We are assuming that with the previous command in step 4 the cursor is now highlighting the P.
  6. In order to remove the # is present on the line, type: h, this will move the cursor one to the left, and the # is now highlighted by the cursor.

    Type: x to remove the character.
  7. In order to change the port type: <SHIFT>A
    This will move the cursor to the end of the line and go into Edit Mode
    This can be verified by the bottom of your screen, it should say: -- INSERT --
  8. Now we can change the port to 32. Use backspace and change the port to 32.
  9. The line should now read: Port 32
    In order to save the changes we need to go back into Command Mode.
    This is done by pressing <ESC>.

    At the bottom the next -- INSERT -- should no longer be present.

    In order to save the file we type: :wq!
    Command Explaination:?
    : -> Command
    w -> Write
    q -> Quit
    ! -> Don't ask for confirmation
  10. Restart the SSH daemon
    systemctl service sshd restart
  11. You can now reconnect to your server with ssh user@host -p 32