By default, SSH is configured to listen on port 22. However, there may be situations where it is necessary to configure the SSH server to listen on multiple ports. This setup can be beneficial when the server is part of multiple networks that require different ports for SSH connections.
Configuring SSH to listen on multiple ports involves modifying the sshd_config file. This file allows the administrator to define additional ports on which the server will listen. Proper configuration ensures that the SSH server can handle connections on all specified ports.
It is also important to ensure that your firewall and SELinux policies are updated to permit traffic on these additional ports. Without these adjustments, the server may not be able to accept connections on the newly configured ports.
Related: How to change the SSH server port
Steps to run SSH server on multiple ports:
Launch terminal application.
Check if the ports you plan to assign to your SSH service are not already in use.
See AlsoIBM Cloud DocsChanging the Default SSH Port - IONOS HelpHow to connect to your server via SSH - LCN.comHow to Remote Access Linux Server SSH from Windows over the Internet$ ss -tlnp | grep -E "22|2022"LISTEN 0 128 *:22 *:*LISTEN 0 128 :::22 :::*
SSH service currently runs on port 22, which is expected.
Open the sshd configuration file using your preferred text editor.
$ sudo vi /etc/ssh/sshd_config
Locate the Port directive in the configuration file.
Add each desired port on a new line using the Port directive.
Port 22Port 2022
Ensure that each port is listed on a separate line using the Port directive.
Make sure the line does not begin with # as it implies the line is commented and will be ignored.
Save the changes to the sshd configuration file.
Configure your firewall to allow connections on the newly added ports (optional, if firewall is enabled).
$ sudo ufw allow 2022/tcp # Ubuntu/Debian$ sudo firewall-cmd --add-port=2022/tcp --permanent && sudo firewall-cmd --reload # CentOS / Red Hatsuccesssuccess
It is assumed the default port, 22 is already configured with correct firewall configuration. Add if necessary.
See AlsoHow to Change the SSH PortConfigure selinux to allow SSH to run on the configured port (optional, if selinux is used).
$ sudo semanage port -a -t ssh_port_t -p tcp 2022
semanage can be installed on CentOS or Red Hat systems using the following command:
$ sudo yum install --assumeyes policycoreutils-python
It is assumed the default port, 22 is already configured with correct selinux policy. Add if necessary.
Restart the sshd service to apply the changes.
$ sudo systemctl restart sshd
Verify that the sshd service is listening on all configured ports.
$ ss -tlnp | grep 22LISTEN 0 128 *:2022 *:*LISTEN 0 128 *:22 *:*LISTEN 0 128 :::2022 :::*LISTEN 0 128 :::22 :::*
Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Discuss the article:
Comment anonymously. Login not required.
