Facebook Twitter Instagram
    TecAdmin
    • Home
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    You are at:Home»Network Services»SSH»How to Change the SSH Port in Linux

    How to Change the SSH Port in Linux

    By RahulFebruary 24, 20235 Mins Read

    Changing the SSH port is a security measure that can help protect your system from automated attacks that target the default SSH port (port 22). When attackers scan the internet for vulnerable systems, they often focus on the default SSH port to try to gain access to the system.

    Advertisement

    By changing the SSH port, you can make it harder for attackers to find and target your system. This is because the attacker would need to scan a wider range of ports to find the new SSH port, which makes the scanning process slower and less efficient. In this article, we will show you how to change the SSH port in Linux.

  • How to Set Up Passwordless SSH Login on Linux
  • Change the SSH Port in Linux

    Follow the below steps to change default SSH port for securing a Linux systems.

    Step 1: Choose a new port number

    The first step is to choose a new port number for SSH. You can choose any unused port between 1024 and 65535. However, it is recommended to choose a port number that is not commonly used for other services.

    For this tutorial, we will use 2022 port for the SSH configuration.

    Step 2: Edit the SSH configuration file

    The SSH configuration file is located at “/etc/ssh/sshd_config”. You can use any text editor to edit this file. However, you need root privileges to modify the file. Here’s how you can open the file for editing:

    sudo nano /etc/ssh/sshd_config 
    

    In the SSH configuration file, locate the line that specifies the SSH port. The line should look like this:

    1
    #Port 22

    Uncomment the line by removing the # character and change the port number to the new port that you have chosen. For example, if you want to change the SSH port to 2022, the line should look like this:

    1
    Port 2022

    Save the changes to the SSH configuration file.

    Step 3: Restart the SSH service

    After changing the SSH port, you need to restart the SSH service to apply the changes. You can do this using the following command:

    sudo systemctl restart sshd 
    

    Alternatively, if your system does not use systemd, you can use the following command to restart the SSH service:

    sudo service sshd restart 
    

    Step 4: Adjust Firewall Rule

    After changing the SSH port, you need to update your firewall rules to allow inbound traffic on the new port. Here are the steps to open the firewall rules for the new SSH port using three popular firewall tools: UFW, firewall-cmd, and iptables.

    • UFW (Uncomplicated Firewall) is a front-end for managing firewall rules in Ubuntu and other Debian-based systems. Here’s how you can allow incoming traffic on the new SSH port using UFW:
      sudo ufw status 
      

      Add a new rule to allow incoming traffic on the new SSH port (replace 2222 with your new SSH port number):

      sudo ufw allow 2022/tcp 
      
    • firewall-cmd is a command-line tool for managing firewall rules in CentOS, Fedora, and other Red Hat-based systems. Here’s how you can allow incoming traffic on the new SSH port using firewall-cmd:
      sudo firewall-cmd --zone=public --add-port=2022/tcp --permanent 
      sudo firewall-cmd --reload 
      

      Replace “2022” with your new SSH port number

    • iptables is a command-line tool for managing firewall rules in Linux. Here’s how you can allow incoming traffic on the new SSH port using iptables:
      sudo iptables -A INPUT -p tcp --dport 2022 -j ACCEPT 
      

    Step 5: Verify the new SSH port

    To verify that the new SSH port is working, you can try to connect to the SSH server using the new port number. For example, if you changed the SSH port to “2022”, you can connect to the SSH server using the following command:

    ssh [email protected] -p 2022 
    

    Replace “user” with the username that you want to use to log in to the SSH server, and “server” with the hostname or IP address of the SSH server.

    If you can successfully connect to the SSH server using the new port number, congratulations! You have successfully changed the SSH port in Linux.

    Conclusion

    Changing the SSH port in Linux is a good security practice to protect your system against automated attacks. After changing the SSH port, you need to update your firewall rules to allow incoming traffic on the new port. This can be done using different firewall tools, such as UFW, firewall-cmd, and iptables. Choose the tool that is appropriate for your system and follow the steps outlined in this article to open the firewall rules for the new SSH port.

    It is important to note that changing the SSH port alone is not enough to secure your system. You should also use strong passwords or public key authentication for SSH access, limit SSH access to trusted users, and regularly update your system with security patches. However, changing the SSH port is a simple and effective step that can enhance the security of your system.

    OpenSSH port SSH
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp

    Related Posts

    How To Display Warning Message to Unauthorized SSH Access

    How to Set a Custom SSH Login Banner and MOTD

    How to Install and Secure OpenSSH Server on Pop!_OS

    Add A Comment

    Leave A Reply Cancel Reply

    Advertisement
    Recent Posts
    • Implementing a Linux Server Security Audit: Best Practices and Tools
    • cp Command in Linux (Copy Files Like a Pro)
    • 15 Practical Examples of dd Command in Linux
    • dd Command in Linux (Syntax, Options and Use Cases)
    • Iptables: Common Firewall Rules and Commands
    Facebook Twitter Instagram Pinterest
    © 2023 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.