Introducing Our New Google Ads PPC Management $20/mo
Free Backups
Read More
Free Site Transfers
Read More
cPanel Included
Read More
Malware Protection
Read More
24/7/365 Support
Read More
Litespeed Servers
Read More
WAF Protection
Read More
DDOS Protection
Read More

Award Winning Hosting Since 2017

Free Backups
Read More
Free Site Transfers
Read More
cPanel Included
Read More
Malware Protection
Read More
24/7/365 Support
Read More
Litespeed Servers
Read More
AI WAF Protection
Read More
DDOS Protection
Read More
2023-silver-top-25-best-wordpress-hosting (1)

Change SSH Port on Linux: A Step-by-Step Guide

Change SSH Port on Linux

Table of Contents

If you’re looking to enhance the security of your Linux server, and looking to change SSH port on Linux is a crucial step. By default, SSH operates on port 22, making it a prime target for malicious attacks. In this guide, we will walk you through the steps to change the SSH port on your Linux system securely.

Hurray! By the end of this article, you’ll have successfully customized your SSH settings to improve your server’s security.

What is SSH and Why Change the Port?

SSH (Secure Shell) is a protocol that allows secure remote access to your server. Changing the default SSH port is a widely recommended security practice. It helps reduce the likelihood of automated attacks that target the standard port. Additionally, it allows you to manage your server more discreetly.


Prerequisites

Before we dive into the process, ensure you have the following:

  • Access to a Linux server with root privileges.
  • A terminal or SSH client to execute commands.
  • Basic understanding of Linux command-line operations.

Steps to Change SSH Port on Linux

1. Connect to Your Server

To begin, connect to your Linux server using SSH. Open your terminal and type:

ssh username@your_server_ip

Replace username with your actual username and your_server_ip with your server’s IP address.

2. Open the SSH Configuration File

Next, you will need to edit the SSH configuration file. Use your favorite text editor to open the file. For example, using nano:

sudo nano /etc/ssh/sshd_config

3. Locate the Port Directive

Within the sshd_config file, look for the line that specifies the port number. It should look like this:

#Port 22

Remove the # to uncomment the line and change the port number to your desired value. For example, to change it to port 2222:

Port 2222

4. Update Your Firewall Rules

After changing the SSH port, you need to update your firewall rules to allow traffic on the new port. If you’re using ufw, run:

sudo ufw allow 2222/tcp

If you’re using iptables, you can add a rule like this:

sudo iptables -A INPUT -p tcp --dport 2222 -j ACCEPT

Note: Make sure to replace 2222 with your new port number.

5. Restart SSH Service

To apply the changes, restart the SSH service with the following command:

sudo systemctl restart sshd

6. Test the New SSH Port

Before closing your existing SSH session, it’s essential to test the new port. Open a new terminal window and attempt to connect using the new port:

ssh -p 2222 username@your_server_ip

If you can connect successfully, congratulations! You’ve changed the SSH port successfully.

7. Disable the Old SSH Port (Optional)

If you’re confident that the new port works, you can disable the old port to enhance security further. If you’re using ufw, you can deny access to port 22:

sudo ufw deny 22/tcp

8. Update Your Security Practices

To keep your server secure, consider implementing additional security measures:

  • Use SSH Key Authentication: This method is more secure than using passwords. Generate SSH keys and use them for authentication.
  • Install Fail2ban: This tool can help protect your server from brute-force attacks.
  • Regularly Update Your System: Keeping your system updated ensures that you have the latest security patches.

Common Issues When Changing SSH Port

1. Firewall Blocking Access

If you can’t connect after changing the port, check that your firewall is allowing traffic on the new port.

2. SSH Daemon Not Restarting

Ensure that there are no syntax errors in the sshd_config file. You can test the configuration file with:

sudo sshd -t

If there are no errors, restart the SSH service again.