In this article, we will delve into the process of changing the default Secure Shell (SSH) port on your server. SSH is a protocol that enables secure remote access to and management of your server. It is crucial to modify the SSH port in order to boost security because the default port is well known and commonly targeted by bad actors.
You may significantly lower the risk of successful assaults on your server by changing the default SSH port. We’ll take you step-by-step through the procedure in this article, which includes modifying the SSH configuration file and upgrading firewall rules. Whether you are a seasoned system administrator or are just getting started, this article will give you the knowledge you need to confidently modify your SSH port.
Let’s get started!
Here is a step-by-step guide to change the default SSH port in a Debian VPSie operating system:
Log in to your Debian server as the root user or a user with root privileges. Open the SSH configuration file using a text editor, such as nano, by running the following command:
nano /etc/ssh/sshd_config
Find the line that specifies the default SSH port (usually Port 22) and change it to the desired port number. For example, if you want to change the SSH port to 2233, the line would look like this:
Port 2233
Save the changes and exit the text editor.
Restart the SSH service for the changes to take effect. Run the following command:
systemctl restart ssh
Update the firewall rules to allow incoming connections on the new SSH port. You can do this using iptables by running the following command:
iptables -A INPUT -p tcp --dport 2233 -j ACCEPT
If you receive the error message iptables: command not found. it means that the iptables package is not installed on your system. To install iptables on a Debian-based system, you can use the following command:
sudo apt-get install iptables
This will install the iptables package and its dependencies. After installation, you should be able to run the iptables command and check the status of your iptables firewall.
Note: Replace 2222 with the new SSH port number you specified in above step.
To make the firewall changes permanent, you’ll need to save them to the firewall configuration file. You can do this by using the iptables-persistent package:
apt-get install iptables-persistent
Test the new SSH port by attempting to connect to the server using the new port number. You can use the following command:
ssh user@your-server-ip -p 2233
Note: Replace user with your username, and your-server-ip with the IP address of your server.
That’s it! You have successfully changed the default SSH port in your Debian operating system.
Here is a step-by-step guide to change the default SSH port in a Ubuntu VPSie operating system:
Log in to your Ubuntu machine as the root user or a user with sudo privileges.
Open the SSH configuration file using a text editor:
sudo nano /etc/ssh/sshd_config
Find the line that says Port 22 and change it to the desired port number. For example, to change the SSH port to 2233, the line would look like this:
Port 2233
Save the changes to the file and close the text editor.
Restart the SSH service to apply the changes:
sudo systemctl restart ssh
Update your firewall to allow incoming connections on the new SSH port. You can use the following command to allow connections on port 2233, for example:
sudo ufw allow 2233/tcp
If you receive the error message sudo: ufw: command not found it means that the Uncomplicated Firewall (ufw) is not installed on your system. To install ufw on an Ubuntu system, you can use the following command to install UFW:
sudo apt-get install ufw
and run the altering firewall rule command again:
sudo ufw allow 2233/tcp
Test the new SSH port by trying to connect to the machine from a remote machine. You can use the following command:
ssh user@your-server-ip -p 2233
Replace user with your username on the Ubuntu machine and your-server-ip with the IP address or hostname of your Ubuntu machine.
That’s it! You have successfully changed the default SSH port in your Ubuntu operating system.
Here is a step-by-step guide to change the default SSH port in a Fedora VPSie operating system:
sudo nano /etc/ssh/sshd_config
Port 2233
sudo systemctl restart ssh
systemctl list-units --type=service | grep ssh
sudo systemctl restart sshd.service
sudo ss -lptn | grep ssh
sudo firewall-cmd --add-port=2233/tcp --permanent
sudo firewall-cmd --reload
ssh user@server_ip -p 2233
That’s it! You have successfully changed the default SSH port in your Fedora operating system.
Here is a step-by-step guide to change the default SSH port in a Fedora VPSie operating system. To change the default SSH port in CentOS, you can follow these steps:
Log in to your machine as the root user or a user with sudo privileges.
Open the SSH configuration file by running the following command:
sudo nano /etc/ssh/sshd_config
Find the line that reads Port 22 and change it to the new port number you want to use for SSH. For example, if you want to use port 2233, the line should look like this:
Port 2233
Save the changes and close the file.
Restart the SSH service to apply the changes by running the following command:
sudo systemctl restart ssh
If you receive the error message Failed to restart ssh.service: Unit ssh.service not found. it means that the SSH service is not recognized by the system’s init system (systemd). This error may occur if the SSH service is not installed or if it is installed but not configured properly.
To resolve this issue, try the following steps:
Check if the SSH service is installed by running the following command:
rpm -qa | grep openssh
This command should return the package name of the openssh package if it is installed on your system. If the package is not installed, you can install it by running the following command:
sudo dnf install openssh-server
After installing the openssh-server package, try starting the SSH service again with the following command:
Verify that the new port is being used by running the following command:
sudo ss -ant | grep LISTEN
You should see a line that lists the new SSH port number, along with other listening services.
Update your firewall rules to allow incoming connections on the new SSH port by running the following command:
sudo firewall-cmd --permanent --add-port=2233/tcp
sudo firewall-cmd --reload
Test the new SSH port by connecting to your CentOS 8 machine using the new port number. For example, if you changed the port to 2233, you would run the following command:
ssh username@your_server_ip -p 2233
If the connection is successful, you have successfully changed the default SSH port in CentOS.
Here is a step-by-step guide to change the default SSH port in a Fedora VPSie operating system. To change the default SSH port in Redhat, you can follow these steps:
Log in to your machine as the root user or a user with sudo privileges.
Open the SSH configuration file by running the following command:
sudo nano /etc/ssh/sshd_config
Find the line that reads Port 22 and change it to the new port number you want to use for SSH. For example, if you want to use port 2233, the line should look like this:
Port 2233
Save the changes and close the file.
Restart the SSH service to apply the changes by running the following command:
sudo systemctl restart ssh
If you receive the error message Failed to restart ssh.service: Unit ssh.service not found. it means that the SSH service is not recognized by the system’s init system (systemd). This error may occur if the SSH service is not installed or if it is installed but not configured properly.
To resolve this issue, try the following steps:
Check if the SSH service is installed by running the following command:
rpm -qa | grep openssh
This command should return the package name of the openssh package if it is installed on your system. If the package is not installed, you can install it by running the following command:
sudo dnf install openssh-server
After installing the openssh-server package, try starting the SSH service again with the following command:
Verify that the new port is being used by running the following command:
sudo ss -ant | grep LISTEN
You should see a line that lists the new SSH port number, along with other listening services.
Update your firewall rules to allow incoming connections on the new SSH port by running the following command:
sudo firewall-cmd --permanent --add-port=2233/tcp
sudo firewall-cmd --reload
Test the new SSH port by connecting to your CentOS 8 machine using the new port number. For example, if you changed the port to 2233, you would run the following command:
ssh username@your_server_ip -p 2233
If the connection is successful, you have successfully changed the default SSH port in Redhat.
