How to Change Your SSH Port on SELinux (RHEL 6)
In a previous post (How to Change Linux Server SSH Port), I described how to change the SSH port on a Linux server from the standard port 22. That works fine in most cases; however, you may see the error below if you apply the change on Red Hat Enterprise Linux 6:
sshd[82123]: error: Bind to port 2222 on 192.168.4.5 failed: Permission denied
If you see the above error message, you most likely have SELinux (Security-Enhanced Linux) enabled, as it is a standard feature of RHEL. In this version, the SELinux policy only lets sshd bind to the standard port 22, so the bind to any other port is denied. Fortunately, it is quite simple to change the settings to allow the port you want (2222 in our other article).
Log on to your Linux server as root and use “semanage” to display the current port settings. The command is below:
semanage port -l | grep ssh
This command produces output like the following:
ssh_port_t tcp 22
You can add port 2222 to the list of acceptable ports with the following command:
semanage port -a -t ssh_port_t -p tcp 2222
Re-check the list to make sure the change was saved:
semanage port -l | grep ssh
The output should now look like this:
ssh_port_t tcp 2222,22
Make sure to configure your Linux server firewall rules to allow the new SSH port (2222) and to block the default SSH port (22).
Verify the settings and restart OpenSSH for the changes to take effect:
/sbin/service sshd restart
Now you should be able to connect on the custom SSH port (2222 in our example).
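The re-check step above can be scripted so that a missing label is caught before sshd is restarted. The following is an added example, not part of the original post: it compares the Port lines of sshd_config with the ssh_port_t entries in "semanage port -l" output, matching the type name exactly and handling port ranges. The function names, the sample inputs and the example_port_t type are made up for illustration.

```shell
#!/bin/sh
# Added example: list sshd ports that do not yet carry the ssh_port_t label.

# Ports from sshd_config text on stdin; sshd's default of 22 if none are set.
configured_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }'
}

# port_has_type TYPE PROTO PORT, with `semanage port -l` output on stdin.
# Succeeds if PORT is listed for TYPE/PROTO, singly or inside a range.
port_has_type() {
    awk -v type="$1" -v proto="$2" -v port="$3" '
        $1 == type && $2 == proto {
            list = ""
            for (i = 3; i <= NF; i++) list = list " " $i
            n = split(list, item, /[ ,]+/)   # accepts "2222, 22" and "2222,22"
            for (j = 1; j <= n; j++) {
                if (item[j] == "") continue
                m = split(item[j], r, "-")   # "5900-5999" style range
                lo = r[1] + 0; hi = (m == 2) ? r[2] + 0 : lo
                if (port + 0 >= lo && port + 0 <= hi) found = 1
            }
        }
        END { exit(found ? 0 : 1) }'
}

# unlabeled_ports SSHD_CONFIG_TEXT SEMANAGE_TEXT: prints each configured
# port that still needs `semanage port -a -t ssh_port_t -p tcp PORT`.
unlabeled_ports() {
    for p in $(printf '%s\n' "$1" | configured_ports); do
        printf '%s\n' "$2" | port_has_type ssh_port_t tcp "$p" || echo "$p"
    done
}

# Constructed sample inputs; example_port_t is a made-up type name.
# On a real host pass "$(cat /etc/ssh/sshd_config)" and "$(semanage port -l)".
SAMPLE_CONFIG='#Port 22
Port 2222
Port 2200
PermitRootLogin no'
SAMPLE_POLICY='ssh_port_t                     tcp      2222, 22
example_port_t                 tcp      5900-5999
syslogd_port_t                 udp      514'

unlabeled_ports "$SAMPLE_CONFIG" "$SAMPLE_POLICY"
```

An empty result means every configured port is already labeled and the restart should not hit the bind error.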