UFW OpenSSH application port change?
When using UFW I see there are "applications" like OpenSSH or Apache, to name a couple. If I were to change my SSH default port to something other than the 22, would the OpenSSH application rule map to the new port? Or, do I need to manually add the rule for this new port?
Solution 1:
The quickest way to manually add a new rule for a different SSH port would be with the following command:
`sudo ufw allow <port number>/tcp`
inserting your particular port into the command.
While you haven't specifically asked, remember that you need to make your port number change in the file `/etc/ssh/sshd_config`. Be sure that you also remember to restart the sshd service after making your change(s) to the configuration file with the command: `sudo systemctl restart sshd`.
Working with ufw application profiles
Optionally, you could choose to either modify the existing ufw OpenSSH application profile directly, or create an entirely new application profile for your new SSH port.
Adapted from the ufw man page:
APPLICATION INTEGRATION
ufw supports application integration by reading profiles located in `/etc/ufw/applications.d`. Syntax for the application profiles is a simple .INI format:

```ini
[OpenSSH]
title=Secure shell server, an rshd replacement
description=OpenSSH is a free implementation of the Secure Shell protocol.
ports=22/tcp
```

After creating or editing an application profile, users can run: `sudo ufw app update <name>`
See `man ufw` for additional implementation details.
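A pre-restart check for the profile approach described above, as an added example that is not part of the original answer or of ufw: it reads the `Port` lines from an sshd_config file and confirms each one is covered by the `ports=` value of a named application profile, so a port change does not leave SSH blocked by the firewall. The function names, the temporary files and the `SSH-Custom` profile name are constructed for illustration.

```shell
# Added example. File paths and the profile name "SSH-Custom" are constructed.

# Ports from an sshd_config file (22 if none set). Include files are not followed.
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }' "$1"
}

# ports= value of profile [$2] in ufw applications.d file $1.
profile_ports() {
    awk -v want="[$2]" '/^\[/ { in_sec = ($0 == want) }
        in_sec && sub(/^ports=/, "") { print; exit }' "$1"
}

# Succeeds if TCP port $1 matches ufw ports spec $2, e.g. "22/tcp",
# "2222/tcp|22/tcp", "80,443/tcp", "6000:6007/tcp" or "53" (any protocol).
port_in_spec() {
    echo "$2" | awk -v p="$1" '{
        n = split($0, items, "[|]")
        for (i = 1; i <= n; i++) {
            split(items[i], pp, "/")            # pp[1] = ports, pp[2] = protocol
            if (pp[2] != "" && pp[2] != "tcp") continue
            m = split(pp[1], list, ",")
            for (j = 1; j <= m; j++) {
                k = split(list[j], r, ":")      # single port or start:end range
                if (p + 0 >= r[1] + 0 && p + 0 <= r[k] + 0) found = 1
            }
        }
    } END { exit !found }'
}

# Non-zero if any sshd port is not covered by the profile.
check_ssh_profile() {   # args: sshd_config profile_file profile_name
    spec=$(profile_ports "$2" "$3"); rc=0
    for port in $(sshd_ports "$1"); do
        if port_in_spec "$port" "$spec"; then echo "ok: $port/tcp in [$3]"
        else echo "MISSING: $port/tcp not in [$3] (ports=$spec)"; rc=1; fi
    done
    return $rc
}

# Constructed demo: sshd moved to 2222, stock OpenSSH profile plus a custom one.
demo() {
    d=$(mktemp -d)
    printf '#Port 22\nPort 2222\n' > "$d/sshd_config"
    printf '[OpenSSH]\nports=22/tcp\n\n[SSH-Custom]\nports=2222/tcp\n' > "$d/profiles"
    check_ssh_profile "$d/sshd_config" "$d/profiles" OpenSSH || true
    check_ssh_profile "$d/sshd_config" "$d/profiles" SSH-Custom
    rm -rf "$d"
}
demo
```

On a real host the arguments would be `/etc/ssh/sshd_config`, the profile file under `/etc/ufw/applications.d` and the profile name; the check only confirms the profile covers the port, not that a rule allowing that profile is active.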