[HowTo] Changing your SSH port in FreePBX

One of the most common attacks your PBX will face is people trying to connect via ssh. Hackers are constantly running scanners to test if your PBX has any services on “well known” (default) ports. This tutorial will explain how to move ssh from the default port 22 to 2022.

This first step is to log into your server with ssh as root. You can use any ssh client that you like. We recommend PuTTY as a simple, free ssh client.

The ssh configuration files are located in /etc/ssh. We need to change to that directory and then edit the sshd_config file. We will use a simple text editor called nano to edit the file. Use the following commands to change to the /etc/ssh folder and then edit sshd_config:

# cd /etc/ssh
# nano sshd_config

The top of the config file will look like this:

Use your arrow keys to move the cursor down to “Port 22”. Use your backspace key to remove “22” and replace it with “2022”. If there is a “#” character before the word “Port”, remove it.

Your config file should now look like this:

Press ctrl + X to exit and Press “Y” to save the changes. Finally, press enter to confirm you will be overwriting the sshd_config file.

Now that we have changed the ssh port we need to restart ssh for the changes to take effect. This is easily done with the Linux “service” command:

# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
#

Ssh has now been restarted and you should test accessing your PBX by ssh’ing to your PBX’s IP on port 2022.

If you do not feel comfortable changing the ssh port yourself please feel free to open a support ticket by sending an email to support@cyberlynk.net with your root password and issue/concern. One of our engineers will review your ticket and reply with additional information.