Change SSH Port with SELinux Enabled
This post will help you change your server ssh port with selinux enabled on Centos 7 or Fedora 28 or other distros.
Suppose the new ssh port is 3333.
Change SSH port
port=3333
[root@localhost ~] cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
[root@localhost ~] sudo sed -i "s/#Port 22/Port $port/g" /etc/ssh/sshd_config
Allow port 3333 in Selinux
[root@localhost ~] semanage port -d -t ssh_port_t -p tcp 22
[root@localhost ~] semanage port -a -t ssh_port_t -p tcp $port
[root@localhost ~] sudo systemctl restart sshd
[root@localhost ~] sudo semanage port -l | grep ssh
ssh_port_t tcp 3333
Allow port 3333 with firewalld
[root@localhost ~] sudo firewall-cmd --permanent --zone=public --add-port=$port/tcp
[root@localhost ~] sudo firewall-cmd --reload
Now you can login your server with following command
ssh -p $port user@ip_address


