search
githubEdit

πŸšͺChange ssh port

Compared to other Clouds, OCI requires some extra steps to avoid getting locked out.

hashtag
1. Edit Security List on OCI

From the OCI control panel navigate to Compute > Instances and select your instance. You should see something like this:

Click on the subnet:

Next, either make a new Security List, or simply edit the Default:

Add a new Ingress Rule:

In the following panel enter the required information:

  • Source Type: CIDR

  • Source CIDR: either 0.0.0.0/0 or <the-ip-you'll-be-connecting-from>/32

  • IP Protocol: TCP

  • Destination Port Range: <the-port-you-want-to-use-for-ssh>

  • Description: something that makes sense to you

triangle-exclamation

Please note: DO NOT delete the default SSH (port 22) Ingress Rule at this point

hashtag
2. Change SSH listening port in the daemon

Next, connect to your instance as you did here and change SSH port on the VM:

More details about this process can be found herearrow-up-right.

triangle-exclamation

Please note: you must include the following steps for this to work in OCI

hashtag
3. Manage ingress rules with firewalld

Install firewalld and set new rules:

triangle-exclamation

Please note: before disconnecting your current session, open a new Terminal session and ssh using your new port

circle-info

A couple of links regarding this process:

Ways to manage access to OCI instancesarrow-up-right;

Problems with firewalld rulesarrow-up-right;

Controlling system access with firewalldarrow-up-right;

Opening ports to specific IPsarrow-up-right;

Managing traffic with zones in firewalldarrow-up-right.

PreviousCreate new user and remove default oneNextChanging keys

Last updated