Changing the SSH (Secure Shell) port in the Linux Ubuntu operating system is a fundamental yet crucial step for enhancing the security of your server. By default, SSH attends port 22. Many automated attacks target this default port, making it a common vulnerability. Changing the port to a non-standard one can significantly reduce the risk of these attacks.Â
Here's a comprehensive guide to Ubuntu change SSH port.
Prerequisites
Before proceeding, ensure you have:
1. Access to a user account with sudo privileges.
2. Understanding of command-line operations.
Step 1: Backup the SSH Configuration File
First, it's always good practice to back up your SSH configuration file if something goes wrong. You can do this by running:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
It creates a copy of the existing SSH configuration file.
Step 2: Edit the SSH Configuration File
Next, open the SSH configuration file in a text editor. Commonly used text editors in Ubuntu are `nano`, `vi`, or `vim`. For simplicity, we'll use `nano`:
sudo nano /etc/ssh/sshd_config
Step 3: Change the SSH Port
Look for the line that specifies the port in the SSH configuration file. By default, it looks like this:
#Port 22
Uncomment this line and remove the `#` Change `22` to your desired port number.
Step 4: Save and Exit the Editor
After making the changes, save the file.
Exit the editor.Â
In `nano`, you can press `CTRL + X`
Enter `Y` to confirm the changes.
`Enter` to save.
Step 5: Adjust the Firewall Settings
You need to update your firewall rules to allow the new SSH port through the firewall. If you are using `ufw`, the commands are:
sudo ufw allow 2222/tcp
sudo ufw delete allow 22/tcp
Replace `2222` with the port number you chose. The first command allows traffic on the new port, and the second command removes the rule for the old port.
Step 6: Restart the SSH Service
For the changes to take effect, you must restart the SSH service with:
sudo systemctl restart ssh
Alternatively, you can use:
sudo service ssh restart
Step 7: Verify the Changes
To ensure that SSH is now listening on the new port, you can use the `ss` or `netstat` command:
sudo ss -tuln | grep 2222
Or, if `ss` is not available:
sudo netstat -tuln | grep 2222
You should see a line indicating SSH listening on the new port.
Step 8: Update SSH Client Configurations (Optional)
If you frequently connect to this server using an SSH client, you should update your client configuration to use the new port by default. You can do this by modifying your local `~/.ssh/config` file to include:
Host yourserver
    HostName yourserver.com
    Port 2222
    User yourusername
It allows you to connect to your server without specifying the port every time.
To Sum it Up!
Its easy to change the Ubuntu change SSH port. It will greatly improve the security of your server by reducing its exposure to scripted attacks. According to the instructions above, you can easily reconfigure SSH so that it listens to the other port. Remember to update your firewall settings and verify the changes to ensure smooth connectivity. This simple adjustment and other security measures, like strong passwords and SSH key authentication, can fortify your server against unauthorized access and potential security threats.
About us
Services
Not Sure what’s right for your business?
Talk to Experts
Platforms
Resources
Live Chat
Browse by Services
Resource Library
Blogs