How to Change SSH Port When SELinux Is Enabled on Oracle Linux 7

The SSH service runs on port 22 by default. You can change this port number for security. On Oracle Linux 7, CentOS 7 or Red Hat Linux 7, you can change the port number with the steps below. If SELinux is enabled, you have to add the new port number to the SELinux configuration, because SELinux allows only port 22 for SSH connections.

Step 1 : Display your IP address
[root #] ip addr
192.168.1.191

Step 2 : Change Port Number
[root #] cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
[root #] vi /etc/ssh/sshd_config
Change Port 22 to 5191 (191 is the last 3 digits of the IP). ** This choice is done because in my network I have more than 5 Unix servers.
PermitRootLogin Yes

Step 3 : Change Selinux Configuration
[root #] semanage port -a -t ssh_port_t -p tcp 5191
[root #] semanage port -l | grep ssh

Step 4 : Add New Port to Firewall
To Add:
[root #] firewall-cmd --permanent --zone=public --add-port=5191/tcp
To Activate:
[root #] firewall-cmd --reload

Step 5 : Restart SSHD Service to Activate New SSH Configuration
[root #] systemctl restart sshd.service
Or
[root #] service sshd restart

Step 6 : Show Running SSH Port
[root #] ss -tnlp | grep ssh

Step 7 : Test Connectivity
[root #] ssh -p 5191 root@10.0.1.4
root@10.0.1.4's password:
Last login: Wed Oct 17 08:01:59 2012 from 192.168.1.155

Source: Fatih Acar
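
Added example (not part of the original article): a check to run between Step 4 and Step 5 that confirms every port configured in sshd_config is also labelled ssh_port_t in SELinux and open in firewalld, so restarting sshd does not lock you out. The function names are hypothetical; only the commands from the steps above plus `firewall-cmd --list-ports` are used.

```shell
# Added example: function names are hypothetical, not from the article.
# sshd_ports FILE: print each port set by an uncommented "Port" line (22 if none).
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# Read `semanage port -l` output on stdin; print the tcp ports labelled ssh_port_t.
selinux_ssh_ports() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
             for (i = 3; i <= NF; i++) { gsub(",", "", $i); print $i }
         }'
}

# Read `firewall-cmd --list-ports` output on stdin; print the open tcp ports.
firewall_tcp_ports() {
    tr ' ' '\n' | awk -F/ '$2 == "tcp" { print $1 }'
}

# check_port PORT SELINUX_PORTS FIREWALL_PORTS (lists are newline separated)
# Returns 0 if PORT is in both, 1 if SELinux lacks it, 2 if only firewalld lacks it.
check_port() {
    printf '%s\n' "$2" | grep -qx "$1" || return 1
    printf '%s\n' "$3" | grep -qx "$1" || return 2
    return 0
}

# Live use on the server, as root: audit_ssh_ports [/etc/ssh/sshd_config]
# Port 22 is usually allowed through the firewalld "ssh" service rather than a
# port entry, so this port-only check reports it as not open.
audit_ssh_ports() {
    se=$(semanage port -l | selinux_ssh_ports)
    fw=$(firewall-cmd --list-ports | firewall_tcp_ports)
    for p in $(sshd_ports "${1:-/etc/ssh/sshd_config}"); do
        rc=0; check_port "$p" "$se" "$fw" || rc=$?
        case $rc in
            0) echo "port $p: ok" ;;
            1) echo "port $p: missing from ssh_port_t (see Step 3)" ;;
            2) echo "port $p: not open in firewalld (see Step 4)" ;;
        esac
    done
}
```

Keep the existing SSH session open while running the check and during Step 5, and only close it after Step 7 succeeds from a second terminal.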