April 10, 2015     0 Comments

The Secure Shell (SSH) by default uses port 22. Leaving it as port 22 does not make your system insecure, nor will changing the port provide a significant increase in security. However, we do advise you to change the default SSH port, this will stop many automated attacks and a bit harder for other people to guess which port SSH is listening on. In other words, a little security though obscurity.

Step 1

As root, use a text editor (eg.  nano) to edit the sshd configuration file.

# nano /etc/ssh/sshd_config

Step 2

Edit the line which states 'Port 22'. Choose an appropriate port, also making sure it not currently in use on the system.

# What ports, IPs and protocols we listen for
Port 50683

(Dynamic and/or Private Ports are those from 49152 through 65535 and can be used. Though nothing is stopping you from using reserved port numbers, our suggestion may help avoid technical issues with port allocation in the future.)

Step 3

You now need to restart SSH to switch over to the new port by restarting SSH.

# /etc/init.d/ssh restart

Step 4

Verify SSH is listening on the new port by connecting to it. Note how the port number now needs to be declared.

ssh username@hostname.com -p 50683

How helpful was this article to you?