Help Center/ Elastic Cloud Server/ FAQs/ Remote Login/ Remote Logins/ How Can I Change a Remote Login Port?
Updated on 2025-09-08 GMT+08:00
View PDF

How Can I Change a Remote Login Port?

Scenarios

This section describes how to change a port for remote logins.

Linux

The following procedure uses an ECS running CentOS 7.3 as an example. The default login port of a Linux ECS is 22. To change it to port 2020, for example, do as follows:

  1. Modify the security group rule.
    1. Log in to the management console.
    2. Click in the upper left corner and select a region and project.
    3. Click . Under Compute, click Elastic Cloud Server.
    4. On the ECS list, click the name of an ECS for which you want to modify the security group rule.
    5. On the ECS details page, click the security group in the Security Groups area to go to the security group details page.
    6. On the Inbound Rules tab, click Add Rule. In the displayed dialog box, set Protocol & Port as follows:
      • Protocols: TCP (Custom ports)
      • Port: 2020

      For details, see Adding a Security Group Rule.

  2. Log in to the ECS.
  3. Run the following command to edit the sshd configuration file:

    vi /etc/ssh/sshd_config

  4. Delete the comment tag (#) from the #port 22 line and change 22 to 2020.
    Figure 1 Changing the port number to 2020
  5. Press Esc to exit Insert mode and enter :wq! to save the settings and exit.
  6. Run either of the following commands to restart sshd:

    service sshd restart

    Or

    systemctl restart sshd

  7. Skip this step if the firewall is disabled. Configure the firewall.

    The firewall varies depending on the CentOS version. CentOS 7 uses firewalld, and CentOS 6 uses iptables. The following operations use CentOS 7 as an example.

    Run the firewall-cmd --state command to check the firewall status.

    • (Recommended) Method 1: Add information about a new port to firewalld.
      1. Run the following commands to add a rule for port 2020:

        firewall-cmd --zone=public --add-port=2020/tcp --permanent

        firewall-cmd --reload

      2. View the added port. The TCP connection of port 2020 will have been added.

        firewall-cmd --list-all

      3. Restart firewalld.

        systemctl restart firewalld.service

    • Method 2: Disable the firewall and the function of automatically enabling the firewall upon ECS startup.

      systemctl stop firewalld

      systemctl disable firewalld

  8. Run the following command to check whether the port is open:

    telnet EIP port

    For example: telnet xx.xx.xx.xx 2020

Parent topic: Remote Logins