The Geek Diary

How to Configure Separate Port For SSH and SFTP On CentOS/RHEL

By admin

Sometimes, for security reasons, there is a need to use separate ports for SSH and SFTP on CentOS/RHEL. Here’s a short how-to on configuring SSH on port 2222 and SFTP on port 22.

1. Since openssh-5.3p1-117.el6.x86_64, the ssh and sftp ports can be separated on CentOS/RHEL systems. Edit the /etc/ssh/sshd_config file and add the following Port lines so that sshd listens on both ports.

# vi /etc/ssh/sshd_config
Port 22
Port 2222

2. Comment out the default sftp Subsystem line and add the following one in its place.

# vi /etc/ssh/sshd_config
Subsystem sftp internal-sftp

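Add the following lines at the end of /etc/ssh/sshd_config. A Match block applies to every line after it until the next Match line or the end of the file, which is why it goes last.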

# vi /etc/ssh/sshd_config
Match LocalPort 22
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

3. After making the modifications, save the file and restart the sshd service.

# service sshd restart

This will allow port 22 for sftp connections only. Port 2222 can be used for ssh to the server.
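If the ForceCommand line is missing, port 22 still offers a full shell, so it is worth checking the file for the directives from steps 1 and 2. The script below is an added example, not part of the original article; the function names audit_sftp_split and sample_config and the sample file contents are constructed for illustration.

```shell
# Added example, not from the original page. Usage: audit_sftp_split FILE
# Prints one line per problem, returns 1 if any. Only "Match LocalPort 22" is recognised.
audit_sftp_split() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }            # skip blanks and comments
    { key = tolower($1) }                    # keywords are case-insensitive
    key == "match" {                         # block runs to next Match or EOF
        inmatch = 1
        in22 = (tolower($2) == "localport" && $3 == "22")
        next
    }
    in22 {
        if (key == "forcecommand" && $2 == "internal-sftp") force = 1
        if (key == "allowtcpforwarding" && tolower($2) == "no") notcp = 1
        if (key == "x11forwarding" && tolower($2) == "no") nox11 = 1
    }
    inmatch { next }                         # global checks stop at first Match
    key == "port" { port[$2] = 1 }
    key == "subsystem" && $2 == "sftp" { nsub++; subsys = $3 }
    END {
        if (!port["22"])   { print "missing: Port 22"; bad = 1 }
        if (!port["2222"]) { print "missing: Port 2222"; bad = 1 }
        if (nsub != 1 || subsys != "internal-sftp") {
            print "need exactly one Subsystem sftp line, set to internal-sftp"; bad = 1 }
        if (!force) { print "Match LocalPort 22 lacks ForceCommand internal-sftp"; bad = 1 }
        if (!notcp) { print "Match LocalPort 22 lacks AllowTCPForwarding no"; bad = 1 }
        if (!nox11) { print "Match LocalPort 22 lacks X11Forwarding no"; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed sample input: the directives from this page plus a commented-out default.
sample_config() {
    cat <<'EOF'
Port 22
Port 2222
#Subsystem sftp /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp
Match LocalPort 22
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
EOF
}

# Demo: the sample passes, so the function prints nothing and returns 0.
tmp=$(mktemp); sample_config > "$tmp"
audit_sftp_split "$tmp" && echo "sshd_config matches the how-to"; rm -f "$tmp"
```

Run it against a copy of /etc/ssh/sshd_config; an empty result with exit status 0 means all six directives are in place.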

Verify

Let’s verify our configuration. First, try to ssh to the server on the default port (22). It should fail as shown in the example below:

# ssh root@192.168.10.12
root@192.168.10.12's password:
This service allows sftp connections only.
Connection to 192.168.10.12 closed.

Now try ssh again, this time specifying port 2222. It should succeed this time.

# ssh -p 2222 root@192.168.10.12
root@192.168.10.12's password:
Last login: Mon Apr 17 15:23:58 2018 from ......

As a last verification, try sftp to the system on the default port, i.e. 22:

# sftp root@192.168.10.12
Connecting to 192.168.10.12...
root@192.168.10.12's password:
sftp>

Filed Under: CentOS/RHEL 6, Linux

© 2021 · The Geek Diary