diff --git a/playbook.yaml b/playbook.yaml
index 53166e9..3f0ced2 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -3,6 +3,7 @@
   roles:
     - monitoring-client
     - monitoring-logs
+    - sshd-config
 
 - hosts: monitoring
   roles:
diff --git a/roles/sshd-config/handlers/main.yml b/roles/sshd-config/handlers/main.yml
new file mode 100644
index 0000000..a7acba8
--- /dev/null
+++ b/roles/sshd-config/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: reload sshd
+  systemd:
+    name: sshd
+    state: reloaded
diff --git a/roles/sshd-config/tasks/main.yaml b/roles/sshd-config/tasks/main.yaml
new file mode 100644
index 0000000..bb746a7
--- /dev/null
+++ b/roles/sshd-config/tasks/main.yaml
@@ -0,0 +1,14 @@
+- name: SSH Listen Port 7000
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    line: 'Port 7000'
+  notify:
+    - reload sshd
+
+- name: SSH Listen Port 22 (safety)
+  lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: '^#Port 22'
+    line: 'Port 22'
+  notify:
+    - reload sshd