NS8 Change node SSH port 22 permanently

Changing the port number is just obscuring the SSH service, and is not enough in that case.

Yes, NS8 does not manage the SSH service. Such service is usually already configured in the system, and it is not a requirement for NS8 to run.

It acts like Fail2Ban: it reads the system logs and bans nasty IP addresses.

For EL systems this is a brief procedure (tested on Rocky Linux 9) that opens port 2222 and restricts port 22 to trusted interfaces.

# Make sshd listen on :22 and :2222
printf "Port 22\nPort 2222\n" > /etc/ssh/sshd_config.d/10-ports.conf
# Authorize sshd to listen on port 2222
semanage port -a -t ssh_port_t -p tcp 2222
# Change Firewalld SSH service configuration to use port 2222
firewall-cmd --permanent --service=ssh --add-port=2222/tcp
firewall-cmd --permanent --service=ssh --remove-port=22/tcp
# Restart service and apply new firewall configuration
systemctl restart sshd
firewall-cmd --reload

Some commands to check the above configuration status:

# Print Firewalld configuration for SSH service
firewall-cmd --info-service=ssh
# Print locally customized SELinux ports
semanage port -l -C

Full node firewall status is also available from the Nodes page.

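A consistency check for the procedure in this thread, added here as an example (not code from the post or from NS8): it takes the output of `sshd -T`, `semanage port -l -C` and `firewall-cmd --info-service=ssh` and reports, for each port sshd is configured to listen on, whether the port is labelled `ssh_port_t` and whether it belongs to the firewalld `ssh` service. The function name, status strings and sample output are constructed for illustration; port ranges in the SELinux listing are not handled.

```shell
#!/bin/sh
# Usage on a node (as root):
#   ssh_port_report "$(sshd -T)" "$(semanage port -l -C)" \
#                   "$(firewall-cmd --info-service=ssh)"
# Prints one line per sshd port; returns 1 if any port lacks the SELinux
# label, in which case sshd cannot bind it after a restart.
ssh_port_report() {
    rc=0
    # tcp ports locally labelled ssh_port_t. Port 22 comes from the base
    # policy, so "semanage port -l -C" (local changes only) never lists it.
    labelled=" 22 $(printf '%s\n' "$2" | awk '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(/,/, "", $i); printf "%s ", $i } }')"
    # tcp ports attached to the firewalld "ssh" service definition.
    fw_ports=" $(printf '%s\n' "$3" | awk '$1 == "ports:" {
        for (i = 2; i <= NF; i++) if (sub(/\/tcp$/, "", $i)) printf "%s ", $i }')"
    # Every "port N" line in the effective sshd configuration.
    for port in $(printf '%s\n' "$1" | awk '$1 == "port" { print $2 }'); do
        case $labelled in
            *" $port "*) sel=ok ;;
            *) sel=MISSING; rc=1 ;;
        esac
        case $fw_ports in
            *" $port "*) fw=ssh-service ;;
            *) fw=not-in-ssh-service ;;
        esac
        echo "port=$port selinux=$sel firewalld=$fw"
    done
    return $rc
}

# Constructed sample output, shaped like what the three commands print
# once the procedure above has been applied.
SAMPLE_SSHD='port 22
port 2222
addressfamily any'
SAMPLE_SELINUX='SELinux Port Type              Proto    Port Number

ssh_port_t                     tcp      2222'
SAMPLE_FW='ssh
  ports: 2222/tcp
  protocols:
  source-ports:'

ssh_port_report "$SAMPLE_SSHD" "$SAMPLE_SELINUX" "$SAMPLE_FW"
```

A port shown as `not-in-ssh-service` is only reachable where another firewalld rule or zone allows it, which is the intended state for port 22 here.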