How to change the default SSH port in Linux
SSH (Secure Shell) is a network protocol for securely connecting to a remote server; the data between the server and the client is transferred in encrypted form.
Why change the default port?
The default SSH port is changed to give the server additional protection against attacks from malicious users, such as brute-force attacks. A brute-force attack is a trial-and-error method of cracking a user's login details, credentials, and encryption keys by trying a large number of character combinations.
By default, SSH listens on port 22, which is known to everyone, so it is the first port that attackers and automated scanners try. When the default port is changed, an attacker has to probe other ports, which makes the open port much harder to find. Changing the port does not make SSH itself stronger; it only reduces exposure to scans aimed at port 22, so it should complement strong passwords or key-based authentication.
How to change the default port?
In this article, we will see how to change the default SSH port in simple and easy steps.
Step 1: Connect to the remote server
The user should connect to the remote server via SSH using a terminal or any SSH client tool such as PuTTY, MobaXterm, etc.
For example, let’s connect to server.example.com from the terminal using the below command.
The user is then prompted to enter a password, after which the secure connection is established.
Step 2: Select a new port
There are a total of 65,536 communication ports, which are categorized into three ranges:

| Range | Port numbers | Description |
|---|---|---|
| Well-known/System ports | 0 – 1023 | These are reserved ports for running system-specific services, such as SSH, which usually runs on 22, and HTTPS, which listens on 443. A process must run with superuser privileges to bind a network socket to an IP address using one of the well-known ports. |
| Registered ports | 1024 – 49151 | These ports are assigned by IANA for specific services upon application by a requesting entity, and they can also be used by ordinary users. |
| Dynamic/Private ports | 49152 – 65535 | These ports cannot be registered with IANA; they are used for private or customized services or for temporary purposes. |

In this example, we will use port 5444, and we have to make sure that the port is free, meaning it is not used by any other application. There are numerous Linux commands for listing the ports in use; we will check using the lsof command:
sudo lsof -i -P -n | grep LISTEN
Let’s try port 5432 and see if it’s open or not,
5432 is used by Postgres, so let’s check for another port 5444,
Port 5444 is not used by any service, so it can be taken as the new port for sshd.
Step 3: Unblock port
Once the port is selected, the user should make sure that it is not blocked by the firewall and open it to allow traffic.
Run the following command to add an iptables rule that allows incoming connections on the new port.
sudo iptables -I INPUT -p tcp --dport 5444 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
Verify if the rule is listed in iptables,
Step 4: Configure SSH
Next, the new port needs to be updated in the sshd server config file named sshd_config usually located under /etc/ssh/.
Open the file and look for a Port option which is usually commented out (#).
Remove the # symbol, change the default port from 22 to 5444 and save it,
Users should be careful while doing changes in the server config file as incorrect configuration might lead to the service not getting started up. As a proactive measure users can take a backup of the file before doing any changes.
Step 5: Restart service
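After changing the port number, restart the sshd service for the changes to take effect. Use the first command on systems that use the service wrapper (SysV init) and the second on systems that use systemd.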
service sshd restart
systemctl restart sshd
After the service restart, the user would not be able to connect to the server through the old port,
Step 6: Connect with the new port
Now let’s try to connect to the remote server through new port 5444,
ssh username@server_ip -p port_number
Thus using new port 5444, a secure connection has been established successfully and we have learned how to change the default sshd port. If the user regularly connects to multiple systems, work can be simplified by defining all of the remote connections in the SSH config file.
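Steps 4 and 5 edit a file that can lock the user out of the server if it is wrong, so the following added example (not part of the original article) applies the Port change to a copy, optionally syntax-checks it with sshd's test mode, and only then replaces the live file, keeping a backup. The function name set_sshd_port and the SSHD_BIN variable are hypothetical, and the /usr/sbin/sshd path in the usage comment is an assumption.

```shell
#!/bin/sh
# Added example, not from the original article. set_sshd_port and SSHD_BIN are
# hypothetical names; /usr/sbin/sshd in the usage line is an assumed path.
# Usage: SSHD_BIN=/usr/sbin/sshd set_sshd_port /etc/ssh/sshd_config 5444
set_sshd_port() {
    config=$1; port=$2
    # Accept only a plain number inside the valid TCP port range.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    [ -f "$config" ] || { echo "no such file: $config" >&2; return 2; }

    tmp=$(mktemp) || return 1
    # Turn the first Port line (commented out or not) into the new setting and
    # comment out any further active Port lines, so sshd does not keep
    # listening on the old port as well. Keywords are matched case-insensitively.
    awk -v p="$port" '
        { line = tolower($0) }
        line ~ /^[ \t]*port[ \t]+[0-9]+/ {
            if (!done) { print "Port " p; done = 1 } else { print "#" $0 }
            next
        }
        !done && line ~ /^[ \t]*#[ \t]*port[ \t]+[0-9]+/ { print "Port " p; done = 1; next }
        { print }' "$config" > "$tmp" || { rm -f "$tmp"; return 1; }

    # No Port line at all: put the directive first, because Port is not
    # allowed inside a Match block that may end the file.
    if ! grep -q '^Port ' "$tmp"; then
        { echo "Port $port"; cat "$config"; } > "$tmp"
    fi

    # Syntax-check the candidate file before touching the live one.
    if [ -n "${SSHD_BIN:-}" ] && ! "$SSHD_BIN" -t -f "$tmp"; then
        echo "sshd rejected the new configuration; $config left unchanged" >&2
        rm -f "$tmp"; return 1
    fi

    # Back up the original, then overwrite in place to keep owner and mode.
    cp -p "$config" "$config.bak" && cat "$tmp" > "$config"
    status=$?
    rm -f "$tmp"
    return $status
}
```

Keep the current SSH session open after the restart and confirm a login on the new port from a second terminal before closing it.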