The SSH server listens to port 22 by default in Linux. However, it can be modified to any other port as per the requirement/need of the time. Most network administrators prefer to run the SSH server on a different port to make it more difficult for unauthorized users to access the server. Running the SSH server on a non-standard port also helps avoid conflicts with other services that are already using port 22. It enhances the server’s security by changing the default port.
Considering the importance of this fact, this post will address the method to run an SSH server on a port other than 22.
- How to Run the SSH Server on Ports Other Than 22 (Default Port)?
- Check the SSH Service Status
- Open the SSH Configuration File
- Change the Port Setting
- Update Firewall Rules
- Restart the SSH Service
- Check the SSH Service is Listening on the New Port
- Verify the Connection
Note: The port numbers 0-1023 are preserved for the root user to perform various functionalities. Each port has privileged services such as “21” for the FTP server and “22” for SSH, etc.
How to Run the SSH Server on Ports Other Than 22 (Default Port)?
To run the SSH server on a port other than 22 in Linux, users need to make a few changes to the configuration file of the SSH. Here is the step-by-step process to do this:
Preq-requites: Check the SSH Service Status
It is a better approach to check the SSH services to perform any action related to the SSH. To check the SSH services, the “systemctl” command is utilized with the “status” option as below:
$ sudo systemctl status ssh
The output shows that ssh services are in an active state.
Step 1: Open the SSH Configuration File
Access the “sshd_config” configuration file that is located in the “/etc/ssh/sshd_config” directory. To open the configuration file, use the “nano” text editor:
$ sudo nano /etc/ssh/sshd_config
It navigates to the particular configuration file.
Step 2: Change the Port Setting
In this file, find the line that starts with “Port 22” and change it to “Port 44” as shown below:
Save and Exit the file via the “CTRL+S” and “CTRL+X” keys.
Step 3: Update Firewall Rules
To configure the firewall, the “ufw” command is utilized to allow permission for the specific port. For instance, specify the “44/tcp” port to update the rules:
$ sudo ufw allow 44/tcp
The output shows firewall rules have been updated over port 44.
Step 4: Restart the SSH Service
After making the changes to the configuration file, restart the SSH services to apply the changes:
$ sudo systemctl restart ssh
The output confirms that the “ssh” services have been successfully restarted.
Step 5: Check the SSH Service is Listening on the New Port
Execute the “lsof” with the “grep” command to list down the SSH service that is listening on the new port “44” by following the below command:
$ sudo lsof -i -P | grep ssh
The output shows the listening process on the new port number “44”.
Step 6: Verify the Connection
Finally, connect to the SSH server using the “ssh” command with the new port number “44” following the syntax “username@hostname”:
$ ssh -p 44 itslinuxfoss@ubuntu
The output confirms that the ssh connection has been successfully established with “port 44”.
To run the SSH server on a port other than 22 is possible by changing the port number in the “sshd_config” configuration file. After modification, it is necessary to restart the ssh services by executing the “sudo systemctl restart ssh” command.
This guide has illustrated the step-by-step instructions to run the SSH server on ports other than 22.