diff --git a/web/admin/firewall/__init__.py b/web/admin/firewall/__init__.py
index d57c998c7..331529267 100644
--- a/web/admin/firewall/__init__.py
+++ b/web/admin/firewall/__init__.py
@@ -53,6 +53,14 @@ def get_ssh_info():
 def set_ping():
     return MwFirewall.instance().setPing()
 
+
+# 修改ssh端口
+@blueprint.route('/set_ssh_port', endpoint='set_ssh_port', methods=['POST'])
+@panel_login_required
+def set_ssh_port():
+    port = request.form.get('port', '1').strip()
+    return MwFirewall.instance().setSshPort(port)
+
 # 添加放行端口
 @blueprint.route('/add_accept_port', endpoint='add_accept_port', methods=['POST'])
 @panel_login_required
diff --git a/web/utils/firewall.py b/web/utils/firewall.py
index 7b12014e3..bd67c8efe 100644
--- a/web/utils/firewall.py
+++ b/web/utils/firewall.py
@@ -170,6 +170,25 @@ class Firewall(object):
         mw.execShell('sysctl -p')
         return mw.returnData(True, '设置成功!')
 
+    def setSshPort(self, port):
+        if int(port) < 22 or int(port) > 65535:
+            return mw.returnData(False, '端口范围必需在22-65535之间!')
+
+        ports = ['21', '25', '80', '443', '888']
+        if port in ports:
+            return mw.returnData(False, '(' + port + ')' + '特殊端口不可设置!')
+
+        file = '/etc/ssh/sshd_config'
+        conf = mw.readFile(file)
+
+        rep = r"#*Port\s+([0-9]+)\s*\n"
+        conf = re.sub(rep, "Port " + port + "\n", conf)
+        mw.writeFile(file, conf)
+
+        self.addAcceptPort(port, 'SSH端口修改', 'port')
+        self.reload()
+        return mw.returnData(True, '修改成功!')
+
     def setFw(self, status):
         if self.__isIptables:
             self.setFwIptables(status)