Bashfully, moving the default SSH port in Ubuntu at a specific period is an excellent way of improving the security of the server because it will be challenging for most robots to hack the port that one has chosen for the server. SSH, by default, uses port 22; therefore, it is among the most used ports and is easily targeted by malicious people. Below is a step-by-step guide on modifying the default port for SSH in the Ubuntu operating system.
Understanding SSH and Its Default Port
SSH, commonly known as Secure Shell, is a network protocol that enables secure access to a system and its applications. SSH uses TCP, and the usual port number used for the connection is port 22. Although such a change does not offer complete protection, some automated activities that attack this default port will be delayed.
Steps to Change the Default SSH Port
1. Backup the SSH Configuration File
For every change made, a copy of the original SSH configuration file must be made to reverse the changes in case they are locked quickly. You can do this by executing the following command in the terminal:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
2. Edit the SSH Configuration File
Open the SSH daemon configuration file using a text editor. For example, using Nano, you can run the following:
sudo nano /etc/ssh/sshd_config
3. Locate the Port Directive
Within the configuration file, find the line that specifies the port. It typically appears as follows:
#Port 22
This line is commented out by default.
4. Change the Port Number
It is more appropriate to change the port number to the preferred one; at least for testing, it should be uncommented, that is, removing the # at the beginning. Then, choosing a port number greater than 1024 is recommended to avoid overlapping with other services. For instance, if you want to modify it to listen on port 2222, it will require editing the line.
Port 2222
5. Save and Close the File
Regarding nano, to save the changes, press CTRL + O + ENTER, and topdress on CTRL + X to exit.
6. Adjust Firewall Rules
If your server has a firewall enabled, for instance, (UFW), you will have to open the traffic on the new port. For example, to allow port 2222, run:
sudo ufw allow 2222/tcp
7. Restart the SSH Service
To apply the changes, restart the SSH daemon with the following command:
sudo systemctl restart sshd
8. Test the New SSH Port
Before logging out of your current session, open a new terminal window and test the new SSH port by connecting to your server using:
ssh username@your_server_ip -p 2222
Change your username to your actual username and your_server_ip to your server's IP address.
9. Close the Default Port (Optional)
Consider closing the default port (22) to enhance security if the new port functions correctly. You can do this by running:
sudo ufw deny 22/tcp
Conclusion
Switching away from the default SSH port on Ubuntu is a good idea that can make a real positive difference to the security of your server. Applying the steps mentioned above can minimize the possibility of gaining unauthorized access through automation attacks on the default port. Always test the new configuration before closing your session to avoid being locked out of your server.