This Bash script is designed to change the SSH port in the sshd_config file, configure firewall rules, update SELinux policies (if enabled), and restart the SSH service to apply the changes.
Magdi
- Allows changing the SSH port via command-line arguments.
- Creates a backup of the sshd_config file before modifying it.
- Updates firewall rules (supports firewalld and UFW).
- Configures SELinux policies if enforced.
- Restarts the SSH service after making changes.
- Displays the new SSH port for confirmation.
Run the script with the following options:
./ssh_port_changer.sh [-p port_number] [-h]
- -p PORT: Specify the new SSH port (default is 9999).
- -h: Show the help message and exit.
To change the SSH port to 2222:
./ssh_port_changer.sh -p 2222
If no port is specified, it defaults to 9999:
./ssh_port_changer.sh
The script automatically updates the firewall:
- If firewalld is installed, it adds the new port and reloads the rules.
- If UFW is installed, it allows the new port and reloads the firewall.
- If no firewall is detected, a warning is displayed to configure it manually.
If SELinux is in Enforcing mode, the script updates SELinux policies to allow the new SSH port.
- Run the script as root to modify system configurations.
- Make sure the firewall rules are updated before SSH is restarted, to avoid being locked out.
- After the script runs, verify the new SSH port with:
sudo sshd -T | grep "port"
- If SSH fails to restart, check logs using:
sudo journalctl -xe
- If locked out after changing the port, use console access to revert changes.
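
The backup-and-edit step from the feature list can be sketched as follows. This is an added example, not the project's script: the function names and the `.bak` suffix are assumptions, and it works on whatever file path it is given so it can be tried on a copy of sshd_config.

```sh
#!/bin/sh
# Added example, not the project's script. Function names and the
# ".bak" suffix are assumptions made for this illustration.

# Succeed only for a decimal integer in 1..65535 with no leading zero.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Print the value of every active (uncommented) Port directive.
active_ports() {
    awk 'tolower($0) ~ /^[ \t]*port[ \t=]/ {
        sub(/^[ \t]*[A-Za-z]+[ \t=]+/, ""); print $1 }' "$1"
}

# set_ssh_port CONFIG PORT: back up CONFIG, then leave PORT as its only
# active Port directive.
set_ssh_port() {
    cfg=$1; port=$2
    valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 3; }
    cp -p "$cfg" "$cfg.bak" || return 4
    tmp=$(mktemp) || return 4
    # sshd listens on every Port line it finds, so drop all active ones.
    # The new line goes first: Port is not allowed inside a Match block,
    # and a Match block runs to the next Match or the end of the file.
    awk -v p="$port" '
        BEGIN { print "Port " p }
        tolower($0) ~ /^[ \t]*port[ \t=]/ { next }
        { print }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 4; }
    # Overwrite in place so owner, mode and SELinux label stay unchanged.
    cat "$tmp" > "$cfg" || { rm -f "$tmp"; return 4; }
    rm -f "$tmp"
}

# Stand-alone use on a copy of the file: sh example.sh ./sshd_config 2222
if [ "$#" -eq 2 ]; then
    set_ssh_port "$1" "$2" && active_ports "$1"
fi
```

On a real host, check the edited file with `sshd -t` before restarting the service, and restore the `.bak` copy if the check reports an error.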