Get reliable and fast VPS from Dropvps!Buy Now
Menu
Signup | Login
User

DropVPS Team

Writer: Cooper Reagan

Change ssh port on ubuntu 22.04

Change ssh port on ubuntu 22.04

Publication Date

11/13/2024

Category

Articles

Reading Time

4 Min

Table of Contents

Changing the SSH port in Ubuntu 22.04 involves modifying the SSH configuration file and adjusting the firewall settings. Here’s a step-by-step guide on how to change the SSH port:

Editing the SSH Configuration File

  • Open the SSH configuration file by running the following command in the terminal: 
    sudo nano /etc/ssh/sshd_config
  • Locate the line that specifies the port: Look for the line that starts with #Port 22. The # means the line is commented out, and SSH is using the default port 22.
  • Uncomment the line and change the port number: Remove the # and change 22 to your desired port number (e.g., Port 2222). Choose a port number between 1024 and 65535 that’s not already in use by another service.

Example:

Port 2222
  • Save the changes and exit the editor by pressing CTRL + X, then Y to confirm, and Enter to save the file.

Updating the Firewall Settings

If you’re using UFW (Uncomplicated Firewall), you need to allow traffic on the new SSH port.

  1. Allow the new SSH port in UFW:
    • Run the following command, replacing 2222 with your new port number: 
      sudo ufw allow 2222/tcp
  2. Deny access to the old port:
    • You can remove the rule for port 22 to block the default SSH port: 
      sudo ufw delete allow 22/tcp
  3. Reload the firewall:
    • Apply the changes by reloading UFW: 
      sudo ufw reload
  4. Restart the SSH Service

    To apply the changes, restart the SSH service:

    sudo systemctl restart ssh
  5. Test the New SSH Port
    1. Test the new port by trying to connect using the new port number. For example, if you set the port to 2222, use the following command: 
      ssh -p 2222 username@your_server_ip
    2. Troubleshoot if necessary:
      • If you cannot connect, check that the new port is open in your firewall and verify that no other services are using the same port.

Why Change the SSH Port?

Changing the default SSH port is a simple security measure that can make it harder for attackers to discover and target your server. While this won’t completely secure your server, it helps minimize exposure to automated attacks that are looking for servers running on default ports. Moreover, combining this with other security measures, such as using SSH keys instead of passwords, can further harden your server against threats.

Benefits of Changing the Default SSH Port
  1. Reduced Risk of Brute-Force Attacks: Attackers often target port 22 using automated scripts to attempt logging in with weak passwords. By changing the port, you make it more difficult for these scripts to find your server.
  2. Enhanced Security: While it’s not a foolproof solution, changing the port is an effective first step in securing your system.
  3. Avoiding Common Attacks: Many malicious bots and scanners look for default services like SSH on port 22. Moving SSH to a different port can reduce the chances of being targeted by these bots.

Testing the New SSH Port

Once you’ve changed the SSH port, it’s important to verify that everything is working correctly and that you can still access your server using the new port. Here are the steps to test the new SSH port:

1. Test SSH Connection on the New Port

To test the new SSH port, use the following command in your terminal. Replace 2222 with the port you chose, and replace username and your_server_ip with your actual SSH username and server IP address.

ssh -p 2222 username@your_server_ip

If you successfully connect, you will be prompted for your password (or passphrase if you’re using SSH keys). If the connection is established, this means the port change was successful.

2. Testing from a Remote Location

If you’re testing the connection from a different network or remote location (outside the local network), ensure that your firewall allows the new port and that the port is not blocked by any external firewalls or routers.

3. Troubleshooting Connection Issues

If you’re unable to connect, try the following troubleshooting steps:

  • Check SSH configuration: Ensure the Port line in the /etc/ssh/sshd_config file is correct and the SSH service was restarted.
  • Verify firewall settings: Ensure that the new port is allowed through the firewall (e.g., using sudo ufw status to check UFW rules).
  • Check for conflicting ports: Make sure no other service is using the same port.

4. Testing with telnet or nc

You can also use tools like telnet or nc (Netcat) to check if the port is open and reachable. For example:

telnet your_server_ip 2222

Or using nc:

nc -zv your_server_ip 2222

If the port is open and accessible, the command will show a successful connection message. If the port is closed or unreachable, you’ll receive an error message.

5. Verify SSH Service

If all else fails, check the SSH service status to ensure it’s running properly:

sudo systemctl status ssh

Make sure that the SSH service is active and running without errors.

Linux VPS
U
Loading...

Related Posts