By default, SSH runs on port 22. A port is simply a communication endpoint where a process is routed once it arrives on a server. To connect through SSH, a user requires the port number (e.g. 22 in this case) and a public IP address of the server alongside a. You can either change the port number on that machine to 26. Either edit /etc/ssh/sshdconfig & don't forget to restart SSH (service sshd restart) or leave it on 22, but forward port 26 on the router to port 22 on the second machine. Also, don't forget to change any firewall settings on the second machine to allow the connections through. Change 7822 to the new port number that you want to use. Save the changes to the /etc/ssh/sshdconfig file, and then exit the text editor. Restart the SSH service using the appropriate command for your Linux distribution: For CentOS and Fedora, type: service sshd restart For Debian and Ubuntu, type: service ssh. Go to System Settings Administrator Settings and change the HTTPS and SSH ports. You can change the default port configurations for HTTPS and SSH administrative access for added security. To connect to a non-standard port, the new port number must be included in the collection request. GITSSHCOMMAND='ssh -oPort=1234 -i /.ssh/myPrivatersa.key' git clone myuser@myGitRemoteServer:/my/remote/gitrepo/path. This has the added advantage of allowing any other ssh suitable option (port, priv.key, IPv6, PKCS#11 device.).
If you are aware of the SSH basics, you already know that SSH uses port 22 by default.
When you connect to a server via SSH, most of the time you don't provide any port information. And in such cases, your connection goes to the port 22 of the SSH server.
You can change the default port from 22 a port number of your choice using the following steps:
- Open the
/etc/ssh/sshd_config
file for editing. - Locate the line that has
Port 22
(if it is commented out with #, remove the # as well). - Change the line to Port 2522 (or any number of your choice between 1024 and 65535).
- Make sure that the new port is allowed by the firewalls (if you have any).
- Restart ssh daemon with
sudo systemctl restart sshd
. - From now onwards, you'll have to specify the port to make the ssh connection
ssh user@ip_address_of_server -p 2522
.
Let me show you the steps in details and also tell you why you may consider changing the
Why change the default SSH port?
One of the most elementary tricks for securing SSH server is to change the default SSH port number 22.
Why? Because a number of bot scripts try the brute force attacks on the default port 22. Most of these scripts don't always scan for open ports, and they target the default ports for various known services like SSH.
Changing the default SSH port reduces number of such attacks. There are other ways to improve the security of your SSH server. If interested, please follow these actionable tips for improving SSH server security.
Now that you know why you would change the default SSH port, let's see how to do it.
Allow traffic on the new port by changing the firewall settings
If you have a firewall set or custom ipconfig or ifconfig or if you are using selinux, you must allow the new ssh port before making the changes. Otherwise you may lock yourself out without an SSH access.
Now this part depends upon what kind of firewall or routing you are using.
If you are using UFW, you can use the following command to allow port 2522:
If you are using iptables, you should use this command:
On Fedora, CentOS, Red Hat, the firewall is managed by firewalld and you can use this command:
On CentOS and Red Hat, you may also have to change the SELinux rules:
Now that you have put the correct firewall settings, let's move on to changing the SSH port.
Changing the default SSH port
Usually, the ssh configuration file is located at /etc/ssh/sshd_config
. You'll have to use a terminal-based editor like Vim or Nano or Emacs to edit the file.
Distributions like Ubuntu have Nano installed by default so you can use it for opening the file in edit mode like this:
Ubuntu Set Ssh Port
As you can see, you'll have to be a sudo user or root to edit the ssh configuration.
Scroll down a bit and you'll see a line with Port 22
. If it starts with #
, it means the line is commented out. The commented out lines gives you the default settings.
So if you see # Port 22
, it means that default port is 22.
Change this line with a port number of your choice. In Linux, port number 0-1023 are usually reserved for various services. It will be good to avoid using anything between 0 and 1023 to avoid conflicts.
You can use any other port number between 1024 and 65535. I am using 2522 in the example. Make sure to remove the #
before the Port line.
Ssh Into Specific Port
Save your changes and exit the editor. If you are using Nano, use Ctrl+X to save and exit.
The next step is to restart the ssh service. Most modern system use systemd services so you can use the following command:
Now if you want to access the SSH server, you'll have to specify the port number:
Was it helpful?
I hope you find this tutorial helpful in changing the SSH port. Now that you have changed the port, you'll have to use it all the time you want to connect to the server via SSH and that could be annoying.
This is why I recommend using SSH config file to save the settings for easy and quick access.
Set Ssh Port Centos
Become a Member for FREE
Join the conversation.
SSH server by default listens to port 22 and you don't have to manually specify the port number on your SSH client if you're connecting to the default port.
You'll have to manually specify the port number when you're connecting to non-standard SSH ports using the -p option or by adding the port information in your SSH client's configuration file.
Steps to connect to SSH server on ports other than 22:
- Check the port that the SSH server runs on.
Related: How to change SSH server port
Related: How to run SSH server on multiple ports - Test if the port that the SSH server listens to is reachable from the client host.
- Specify port to connect to using -p option.
- Add port configuration to SSH client configuration file for persistence.
- Connect again using SSH client with just the Host name without having to provide port number as parameter.
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.
Gitlab Set Ssh Port
Discuss the article:Ssh Connect To Different Port
Comment anonymously. Login not required.