SSH port

Default SSH port 22 Default SSH port 22

SSH was created as a solution to replace both file transfer protocol FTP (port 21) and remote access protocol telnet (port 23), so port 22 was a particularly fitting choice.

Changing SSH port on the server

You can make SSH server run on any available port by changing the Port directive in the /etc/ssh/sshd_config file.

Usually Port is the very first option defined in the file, and it’s commented out if default value is used:

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

just update this section by uncommenting Port and changing 22 to the port number you need, like 212 in this example:

Port 212
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

For privileged port (port number less than 1024), you would have to start sshd as root.

For non-privileged port (port number above 1024), you can start sshd as a regular user on your server.

Best practice: change default SSH port If you are running SSH server on publicly available IP addrrsses, it’s best to minimize your chances of having SSH access compromsied:

change the default port for SSH (to limit chances of SSH being discovered by external scans) switch to key only authentication (prevents password brute force attacks) use firewall to allow SSH access from known IP networks only (if possible) See Also

See Also




Keep Learning with Me

Follow me on Facebook and Twitter or jump into Telegram chat!:
Recommended Software
I use Brave browser, it's awesome: Brave Browser I'm also a fan of SetApp for macOS: SetApp for macOS
IT Consultancy
I'm a principal consultant with Tech Stack Solutions. I help with cloud architectrure, AWS deployments and automated management of Unix/Linux infrastructure. Get in touch!

Recent Tweets