Help Center> Elastic Cloud Server> FAQs> Login and Connection> Remote Logins> How Can I Change a Remote Login Port?
View PDF

How Can I Change a Remote Login Port?

Scenarios

This section describes how to change a port for remote logins.

Windows

The following uses an ECS running Windows Server 2012 as an example. The default login port of a Windows ECS is 3389. To change it to port 2020, for example, do as follows:

  1. In the Run dialog box, enter regedit to access the registry editor.
  2. In Registry Editor, choose HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server > Wds > rdpwd > Tds > tcp and double-click PortNumber.
    1. In the dialog box that is displayed, set Base to Decimal.
    2. Change the value in Value data to the new port number, which is 2020 in this example.
      Figure 1 Changing the port number to 2020
  3. In Registry Editor, choose HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Control > Terminal Server > WinStations > RDP-Tcp and double-click PortNumber.
    1. In the dialog box that is displayed, set Base to Decimal.
    2. Change the value in Value data to the new port number, which is 2020 in this example.
      Figure 2 Changing the port number to 2020
  4. Open the Windows search box, enter services, and select Services.
    Figure 3 Services
  5. In the Services window, restart Remote Desktop Services or the ECS.
  6. Modify the inbound rules of the firewall. Perform this operation only if the firewall is enabled.

    Choose Control Panel > Windows Firewall > Advanced Settings > Inbound Rules > New Rule.

    • Rule Type: Port
    • Protocol in Protocol and Ports: TCP
    • Port in Protocol and Ports: Specific local ports, 2020 in this example
    • Action: Allow the connection
    • Profile: Default settings
    • Name: RDP-2020

    After the configuration, refresh the page to view the new rule.

  7. Modify the security group rule.

    Add an inbound rule in which Protocol is set to TCP and Port Range is set to 2020.

    Use port 2020 to remotely log in to the ECS.

Linux

The following uses an ECS running CentOS 7.3 as an example. The default login port of a Linux ECS is 22. To change it to port 2020, for example, do as follows:

  1. Run the following command to edit the sshd configuration file:

    vi /etc/ssh/sshd_config

  2. Delete the comment tag (#) from the #port 22 line and change 22 to 2020.
    Figure 4 Changing the port number to 2020
  3. Press Esc to exit editing mode. Enter :wq! to save and exit the configuration.
  4. Run either of the following commands to restart sshd:

    service sshd restart

    Or

    systemctl restart sshd

  5. (Optional) Configure the firewall. Perform this step if the firewall is enabled.

    The firewall varies depending on the CentOS version. CentOS 7 uses firewalld, and CentOS 6 uses iptables. The following operations use CentOS 7 as an example.

    Run the firewall-cmd --state command to check the firewall status.

    • Method 1: Disable the firewall and the function of automatically enabling the firewall upon ECS startup.

      systemctl stop firewalld

      systemctl disable firewalld

    • Method 2: Add information about a new port to firewalld.
      1. Run the following commands to add a rule for port 2020:

        firewall-cmd --zone=public --add-port=2020/tcp --permanent

        firewall-cmd --reload

      2. View the added port. The TCP connection of port 2020 has been added.

        firewall-cmd --list-all

      3. Restart firewalld.

        systemctl restart firewalld.service

  6. Modify the security group rule.

    Add an inbound rule in which Protocol is set to TCP and Port Range is set to 2020.

    Use port 2020 to remotely log in to the ECS.

Parent topic: Remote Logins