This article is for those who are concerned about their server’s security. You can try to change the SSH port as an additional layer to strengthen the security of your server. Therefore, changing the default SSH port (22) to something else will make it hard to guess for the hackers.
Caution: before you proceed to change the SSH port, please read the following very carefully!
If you are using any firewall rules to allow specific IPs for port 22, make sure to update that with the new port prior to change the SSH port. AWS Security Group, Vultr Firewall, DigitalOcean Firewall they all allow custom rules. If you are not sure about it, try to take help from a system administrator. Otherwise, you may end up blocking yourself from logging into the server anymore. Similarly, if you are using any type of rsync between your server to/from another server, you have to include the new port there as well.
- Connect to your Linux server via SSH.
- If you are not logged in as a root user, make sure to use a sudo group user. Otherwise, you won’t be able to proceed with the next step.
- Run the following command: sudo vi /etc/ssh/sshd_config to edit the file.
- Within the file, locate the line where it says # Port 22.
- Remove the # at the beginning and consequently, change the port 22 to something else that you want, like 2222.
- Save the file and exit. If you are using Vim (vi command), then press Esc then :qw then press Enter. In the case of Nano, use Ctrl + X, then type Y, and then press Enter.
- Finally, restart the SSH service by running the command: sudo service sshd restart.
Now, you can connect to your server via SSH using the new port.