How can I change the default SSH port in Ubuntu?

Bashfully, moving the default SSH port in Ubuntu at a specific period is an excellent way of improving the security of the server because it will be challenging for most robots to hack the port that one has chosen for the server. SSH, by default, uses port 22; therefore, it is among the most used ports and is easily targeted by malicious people. Below is a step-by-step guide on modifying the default port for SSH in the Ubuntu operating system.

Understanding SSH and Its Default Port

SSH, commonly known as Secure Shell, is a network protocol that enables secure access to a system and its applications. SSH uses TCP, and the usual port number used for the connection is port 22. Although such a change does not offer complete protection, some automated activities that attack this default port will be delayed.

Steps to Change the Default SSH Port

1. Backup the SSH Configuration File

For every change made, a copy of the original SSH configuration file must be made to reverse the changes in case they are locked quickly. You can do this by executing the following command in the terminal:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup

2. Edit the SSH Configuration File

Open the SSH daemon configuration file using a text editor. For example, using Nano, you can run the following:

sudo nano /etc/ssh/sshd_config

3. Locate the Port Directive

Within the configuration file, find the line that specifies the port. It typically appears as follows:

#Port 22

This line is commented out by default.

4. Change the Port Number

It is more appropriate to change the port number to the preferred one; at least for testing, it should be uncommented, that is, removing the # at the beginning. Then, choosing a port number greater than 1024 is recommended to avoid overlapping with other services. For instance, if you want to modify it to listen on port 2222, it will require editing the line.

Port 2222

5. Save and Close the File

Regarding nano, to save the changes, press CTRL + O + ENTER, and topdress on CTRL + X to exit.

6. Adjust Firewall Rules

If your server has a firewall enabled, for instance, (UFW), you will have to open the traffic on the new port. For example, to allow port 2222, run:

sudo ufw allow 2222/tcp

7. Restart the SSH Service

To apply the changes, restart the SSH daemon with the following command:

sudo systemctl restart sshd

8. Test the New SSH Port

Before logging out of your current session, open a new terminal window and test the new SSH port by connecting to your server using:

ssh username@your_server_ip -p 2222

Change your username to your actual username and your_server_ip to your server's IP address.

9. Close the Default Port (Optional)

Consider closing the default port (22) to enhance security if the new port functions correctly. You can do this by running:

sudo ufw deny 22/tcp

Conclusion

Switching away from the default SSH port on Ubuntu is a good idea that can make a real positive difference to the security of your server. Applying the steps mentioned above can minimize the possibility of gaining unauthorized access through automation attacks on the default port. Always test the new configuration before closing your session to avoid being locked out of your server.

Was this answer helpful? 1 4