How can I change the default SSH port?
Changing the default SSH port can enhance your server’s security by reducing exposure to automated attacks. Follow these simple steps to update the port:
1. Access Your Server
Log in to your server using SSH with an account that has administrative or root privileges.
2. Edit the SSH Configuration File
The SSH configuration file is typically located at /etc/ssh/sshd_config. Open it with a text editor:
sudo nano /etc/ssh/sshd_config
3. Modify the Port Setting
Look for the line that says #Port 22. Remove the # to uncomment the line and change 22 to the port number you want. For example:
Port 2222
Choose a port number between 1024 and 65535 to avoid conflicts with well-known services.
4. Save and Exit
After making the changes, save the file and exit the editor.
In Nano, press CTRL + X, then Y, and hit Enter to save.
5. Update Firewall Rules
Allow traffic on the new port by updating your firewall settings. Use the appropriate command based on your firewall:
- For UFW (Uncomplicated Firewall):
sudo ufw allow 2222/tcp - For iptables:
sudo iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
6. Restart the SSH Service
To apply the changes, restart the SSH service. Use one of these commands depending on your system:
sudo systemctl restart ssh
Or:
sudo service ssh restart
7. Connect Using the New Port
The next time you connect to your server via SSH, specify the new port number:
ssh -p 2222 user@your-server-ip
By completing these steps, your SSH service will run on the new port, reducing the risk of automated attacks while maintaining secure access to your server.