SSH is one of the most common ways to access and manage servers. Unfortunately, its popularity also makes it a frequent target for hackers. By default, SSH runs on port 22, which is widely known and often scanned by attackers. But what if we told you that changing your SSH port number could dramatically improve the security of your server?
In this article, we’ll show you how to change your SSH port number and hide it from potential attackers, making your server more secure and less vulnerable to brute force and automated attacks.
Why Change Your SSH Port Number?
The default SSH port number (22) is a well-known target for attackers. It's the first port that malicious actors will try when attempting to gain unauthorized access to your server. By changing the port number to something more obscure, you make it more difficult for attackers to find and exploit your SSH service.
Changing the SSH port adds an extra layer of security by preventing automated scripts and brute-force attempts that typically target port 22. It’s a simple change, but it can greatly enhance the overall security of your server.
Step-by-Step Guide: Changing Your SSH Port
Follow these steps to change your SSH port number and increase your server's security:
- Log in to your server as root or a user with sudo privileges
- Open the SSH configuration file for editing:
Code copied to your clipboard!
- Find the line that specifies the default SSH port. It will look like this:
Code copied to your clipboard!Remove the "#" symbol to uncomment the line, and then change the port number to your desired value (for example, 2222, 2200, etc.):Code copied to your clipboard!
- Save the changes and close the file: Press
CTRL + X, thenYto confirm changes, and hitEnterto save the file. - Adjust your firewall rules to allow the new port: If you're using UFW, run the following command to allow traffic on your new port (replace 2222 with your port number):
Code copied to your clipboard!Don't forget to remove the old rule for port 22:Code copied to your clipboard!
- Restart the SSH service to apply the changes:
Code copied to your clipboard!
- Test the new SSH port by opening a new terminal window and trying to connect to the server with the new port:
Code copied to your clipboard!Make sure you can log in successfully before closing your current SSH session.
Remember: Never Lock Yourself Out!
Before closing your SSH session, always make sure you can log in using the new port. Test the new connection in a separate terminal window to confirm that the change was successful and that you're not locking yourself out of the server.
Can I Change My Port Back Later?
Yes, you can always change your SSH port number back to 22 if necessary. Just follow the same steps, but revert the port number to 22. Remember to adjust your firewall rules and restart SSH after making the changes.
