change the SSH port

miscellaneous/secure_ssh.sh

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+# Warning: Before running this script, make sure you have created a user and an SSH key in the authorized_keys file.
+
 # This script is designed to configure the SSH server on a Linux system according to Mozilla's security best practices.
 # It enhances the security of SSH connections by enforcing modern encryption standards, disabling insecure protocols, and restricting root access.
 # The script backs up the original SSH configuration file, applies a new set of secure settings, and then restarts the SSH service to apply the changes.
@@ -34,6 +36,15 @@ else
     allow_users="# AllowUsers configuration not set"
 fi
 
+# Ask user if they want to change the SSH port
+read -p "Do you want to change the SSH port? (yes/no): " change_port
+if [[ "$change_port" == "yes" ]]; then
+    read -p "Enter the new SSH port: " new_port
+    port_setting="Port $new_port"
+else
+    port_setting="# Port configuration not changed"
+fi
+
 # Modify the sshd_config file
 cat <<EOL > "$SSHD_CONFIG"
 # Mozilla SSH Security Recommendations
@@ -68,6 +79,9 @@ ClientAliveCountMax 2
 
 # IP restriction based on user input
 $allow_users
+
+# SSH port based on user input
+$port_setting
 EOL
 
 # Restart the SSH service