To change the SSH port, use the following instructions (thanks to This email address is being protected from spambots. You need JavaScript enabled to view it. and his howto here). I've used these instructions and some alterations I made previous to:
- limit the outside ip-addresses that can connect to SSH
- change the default outside listening port

Follow these instructions to change the default ssh port from 22 to something else, such as 2222. This how-to only applies to version 5.1 .
Make the directories needed for the necessary template fragments.

mkdir –p /etc/e-smith/templates-custom/etc/ssh/sshd_config

mkdir –p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq

Copy the template fragment that specifies the ssh port number.

cp –rip /etc/e-smith/templates/ssh/sshd_config/10port /etc/e-smith/templates-custom/etc/ssh/sshd_config/

Edit the template fragment and add the port number to what you want, just add another line with "Port ".

Now, expand the template with the following command:

/sbin/e-smith/expand-template /etc/ssh/sshd_config

Next, copy the template fragment that specifies port 22 to be open in the firewall.

cp –rip /etc/e-smith/templates/etc/rc.d/init.d/masq/45AllowSSH /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/

Edit the file and change the number 22 to what ever number you specified above. My file looks like this, allowing only port 22 from the local network and allowing port 2222 from the outside only from specific ip-addresses

{
local %services = ( sshd => $sshd );

my $status = db_get_prop(\%services, 'sshd', 'status') || "disabled";

my $access = db_get_prop(\%services, 'sshd', 'access') || "private";

if ( ($status eq 'enabled' ) and ($access eq 'public') )
{
$OUT .= < # original line accepts all addresses
# /sbin/ipchains --append input -p tcp -s 0/0 -d $OUTERNET 22 -j ACCEPT

#
# Allow only access from:
# local network 192.168.0.0/255.255.255.0
# 123.234.123.234 / 123.234.123.235
# 124.15. and 125.16. with subnet 255.255.0.0

/sbin/ipchains --append input -p tcp -s 192.168.0.0/255.255.255.0 -d $OUTERNET 22 -j ACCEPT
/sbin/ipchains --append input -p tcp -s 123.234.123.234/255.255.255.255 -d $OUTERNET 2222 -j ACCEPT
/sbin/ipchains --append input -p tcp -s 123.234.123.235/255.255.255.255 -d $OUTERNET 2222 -j ACCEPT
/sbin/ipchains --append input -p tcp -s 124.15.0.0/255.255.0.0 -d $OUTERNET 2222 -j ACCEPT
/sbin/ipchains --append input -p tcp -s 125.16.0.0/255.255.0.0 -d $OUTERNET 2222 -j ACCEPT
/sbin/ipchains --append output ! -y -p tcp -d 0/0 -s $OUTERNET 2222 -j ACCEPT
HERE
}
}

Now, expand the template with the following command:

/sbin/e-smith/expand-template /etc/rc.d/init.d/masq

Now restart the ssh service:

service sshd restart

Now restart the firewall service:

service masq restart

That’s it. Try connecting over ssh through the new port you specified. If it doesn’t work, check your files.