Default SSH port 22
SSH was created as a solution to replace both file transfer protocol FTP (port 21) and remote access protocol telnet (port 23), so port 22 was a particularly fitting choice.
You can make SSH server run on any available port by changing the Port directive in the /etc/ssh/sshd_config file.
Usually Port is the very first option defined in the file, and it’s commented out if default value is used:
just update this section by uncommenting Port and changing 22 to the port number you need, like 212 in this example:
For privileged port (port number less than 1024), you would have to start sshd as root.
For non-privileged port (port number above 1024), you can start sshd as a regular user on your server.
Best practice: change default SSH port If you are running SSH server on publicly available IP addrrsses, it’s best to minimize your chances of having SSH access compromsied:
change the default port for SSH (to limit chances of SSH being discovered by external scans) switch to key only authentication (prevents password brute force attacks) use firewall to allow SSH access from known IP networks only (if possible) See Also