change ssh port on linux mint 21.3

SSH (Secure Shell) serves as a critical tool for securely accessing remote systems. By default, SSH operates on port 22, a widely known standard that often becomes a target for automated attacks and malicious scans. Changing the default SSH port is a simple yet effective step to enhance your system’s security by reducing exposure to common threats. In this guide, we will explore the steps required to change the SSH port on Linux Mint 21.3, ensuring both system functionality and security.

Before proceeding to change the SSH port on Linux Mint 21.3, ensure the following prerequisites are met:

Administrative Privileges:
You need root or sudo access to make changes to the SSH configuration and apply system-level modifications.

Updated System:
Ensure your system is up to date by running:

sudo apt update && sudo apt upgrade  

Installed SSH Server:
Verify the SSH server is installed and running. You can install it using:

sudo apt install openssh-server  

Firewall Setup:
Familiarize yourself with the firewall rules configured on your system, such as UFW or iptables. You’ll need to allow traffic on the new port.

Backup Configuration:
Always back up the current SSH configuration file to avoid accidental misconfigurations

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak  

Text Editor:
Have a preferred text editor ready (e.g., nano, vim) to modify the SSH configuration file.

Backing up the SSH configuration file

Backing up the SSH configuration file is an important step to prevent potential issues during modifications. Begin by locating the file at /etc/ssh/sshd_config. Use the cp command to create a backup, such as:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak  

This backup ensures you can easily restore the original settings if needed. After making the backup, you should confirm it was successful by listing the files in the directory with:

ls -l /etc/ssh/sshd_config*  

If any issues arise after editing the configuration, the backup file can be restored using:

sudo mv /etc/ssh/sshd_config.bak /etc/ssh/sshd_config  

To apply the restored configuration, restart the SSH service with:

sudo systemctl restart sshd  

Editing the SSH Configuration File

To modify the SSH configuration file, you need administrative privileges. The file is typically located at /etc/ssh/sshd_config. Follow these steps to edit it:

Open the configuration file with a text editor like nano:

sudo nano /etc/ssh/sshd_config

Inside the file, locate the line for the SSH port configuration, which often appears as:

#Port 22

Remove the # symbol at the beginning of the line to uncomment it and change 22 to your desired port number. Ensure the chosen port does not conflict with other services and is in the valid range (1-65535):

Port 2222

Save the changes in the editor (in nano, use Ctrl+O to save and Ctrl+X to exit).

Restart the SSH service to apply the changes

sudo systemctl restart sshd

Test the new configuration while keeping your current session open to ensure you don’t lose access. If something goes wrong, you can revert the changes using the backup created earlier.

Testing the New SSH Port

After updating the SSH configuration to use a new port, it’s crucial to test the setup to ensure uninterrupted access. Follow these steps to test the new port:

Keep the Current Session Open
Do not close your current SSH session while testing. Keeping it open allows you to revert changes if necessary.

Connect Using the New Port
Use the -p option in your SSH command to specify the new port. Replace 2222 with the port you configured:

ssh -p 2222 username@your_server_ip

Verify Connection
If the connection is successful, you have configured the new port correctly. If not, review the configuration file and ensure the SSH service has been restarted.

Check Firewall Rules
Ensure the server’s firewall allows traffic on the new port. For example, if using ufw, allow the port:

sudo ufw allow 2222/tcp

Close the Default Port (Optional)
Once the new port is verified, you can disable the default port (22) in the firewall for added security:

sudo ufw deny 22/tcp

Testing ensures the new configuration works without disrupting existing sessions, providing a seamless transition to the new port

Conclusion

Changing the SSH port on Linux Mint 21.3 is a simple yet effective step to enhance server security by reducing exposure to unauthorized access attempts. The process involves careful preparation, including creating backups of the SSH configuration, modifying the sshd_config file, and ensuring the new port is accessible through the firewall.

Testing the new port before fully disabling the default one ensures uninterrupted access, allowing any potential issues to be addressed promptly. By securing the SSH port, administrators can significantly reduce the risk of brute-force attacks and strengthen the server’s overall security posture.

Share:

More Posts

Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments