Change default public SSH/SFTP port from 2222 to 22222

CHANGELOG.md

@@ -16,6 +16,8 @@ The **patch** part changes incrementally at each release.
 
 ### Changed
 
+* Change default public SSH/SFTP port from 2222 to 22222
+
 ### Fixed
 
 ### Removed

amazon-ec2/defaults/main.yml

@@ -122,6 +122,10 @@ ec2_evolinux_security_group:
       from_port: 2222
       to_port: 2222
       cidr_ip: 0.0.0.0/0
+    - proto: tcp
+      from_port: 22222
+      to_port: 22222
+      cidr_ip: 0.0.0.0/0
     - proto: tcp
       from_port: 2223
       to_port: 2223

fail2ban/templates/jail.local.j2

@@ -28,7 +28,7 @@ action_mwl = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(proto
 action = %(action_mwl)s
 
 [sshd]
-port    = ssh,2222
+port    = ssh,2222,22222
 logpath = %(sshd_log)s
 backend = %(sshd_backend)s
 maxretry = 10

minifirewall/defaults/main.yml

@@ -19,7 +19,7 @@ minifirewall_privilegied_ips: []
 
 minifirewall_protected_ports_tcp: [22]
 minifirewall_protected_ports_udp: []
-minifirewall_public_ports_tcp: [25, 53, 443, 993, 995, 2222]
+minifirewall_public_ports_tcp: [25, 53, 443, 993, 995, 22222]
 minifirewall_public_ports_udp: [53]
 minifirewall_semipublic_ports_tcp: [20, 21, 22, 80, 110, 143]
 minifirewall_semipublic_ports_udp: []

minifirewall/files/minifirewall.conf

@@ -29,7 +29,7 @@ SERVICESTCP1p='22'
 SERVICESUDP1p=''
 
 # Public services (IPv4/IPv6)
-SERVICESTCP1='25 53 443 993 995 2222'
+SERVICESTCP1='25 53 443 993 995 22222'
 SERVICESUDP1='53'
 
 # Semi-public services (IPv4)

proftpd/defaults/main.yml

@@ -9,6 +9,6 @@ proftpd_ftps_port: 990
 proftpd_ftps_cert: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
 proftpd_ftps_key: "/etc/ssl/private/ssl-cert-snakeoil.key"
 proftpd_sftp_enable: False
-proftpd_sftp_port: 2222
+proftpd_sftp_port: 22222
 proftpd_accounts: []
 proftpd_accounts_final: []