How to change default SSH port

The SSH port in Linux hosting servers are by default set to 22. As a part of server hardening, we should always change the port to something else.

Why should you change default port?

Intruders are always scanning for every possible entrance into you server. Keeping default port 22 open gives these intruders the chance to exploit the port to get access to your server. We should always change this to something else. This way – their attempt to get connected to the server via default SSH will be uprooted at the very beginning.

How to change the port?

Connect your server via SSH (PuTTY).  Login to the server as “root”. You need to change the sshd_config file which you can get in “/etc/ssh” directory. Make sure you create a backup of sshd_config file. You may execute the following command to create a backup: (without the “#”)

# cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bkp

The above will create backup names “sshd_config_bkp”.

Now open the file ‘sshd_config’ with your desired text editor in PuTTY. I prefer ‘pico’ (there are other editors like ‘nano’, ‘vi’ etc). After opening the file – scroll down until you see the following:

You’ll need to remove/delete the “#” sign before “Port” and then change the port value to something else. For example, you may change the port to 2222 or 2223 or something else. After changing the port number, save the file and restart sshd service using the following command:

# service sshd restart

If you have a firewall in your linux server – you’ll need to open the port you’ve set in sshd_config for SSH. After this change you’ll need to SSH into your server with the new port.