YouTube Icon

Code Playground.

How to Change the SFTP Port


How to Change the SFTP Port

SFTP (SSH File Transfer Protocol) is a safe document convention for moving records between two hosts over an encoded association. It additionally permits you to perform different document procedure on distant records and to continue document moves. 

SFTP can be utilized as a substitution for the heritage FTP convention. It has all the usefulness of FTP yet with a safer association. 

This article discloses how to change the default SFTP port in Linux. We will likewise tell you the best way to design your firewall to permit on the new port. 

Try not to mistake SFTP for FTPS. Both convention fill a similar need. Nonetheless, FTPS represents FTP Secure, and it is an expansion to the standard FTP convention with help for TLS. 

What Port Does SFTP Use 

SFTP is a subsystem of SSH and gives a similar degree of security as SSH. 

The default SFTP port is 22. 

Changing the SFTP Port

Changing the default SFTP/SSH port includes an additional layer of security to your worker by lessening the danger of robotized assaults. 

The most ideal approach to shield your worker from assaults is to arrange your firewall to permit admittance to port 22 just from believed has and set up a SSH key-based confirmation . 

The accompanying advances portray how to change the SSH Port on Linux machines. 

1. Picking a New Port Number 

In Linux, port numbers under 1024 are held for notable administrations and must be bound to by root. In spite of the fact that you can utilize a port inside the 1-1024 territory for the SSH administration to evade port designation issues, it is prescribed to pick a port over 1024. 

This model tells the best way to change the SFTP/SSH port to 4422, however you can pick any port of your preferring. 

2. Altering Firewall 

Prior to changing the SFTP/SSH port, you'll have to open the new port in your firewall. 

On the off chance that you are utilizing UFW, the default firewall in Ubuntu , run the accompanying order to open the port: 

sudo ufw allow 4422/tcp

In CentOS, the default firewall the executives instrument is FirewallD. To open the port, enter the accompanying orders: 

sudo firewall-cmd --permanent --zone=public --add-port=4422/tcp
sudo firewall-cmd --reload

CentOS clients additionally need to modify the SELinux rules to permit the new SSH port: 

sudo semanage port -a -t ssh_port_t -p tcp 4422

In the event that you are utilizing another Linux dispersion that runs iptables, to open the new port run: 

sudo iptables -A INPUT -p tcp --dport 4422 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

3. Configuring SFTP/SSH

The SSH worker arrangement is put away in the/and so forth/ssh/sshd_config document. Open the record with your content tool: 

sudo vim /etc/ssh/sshd_config

Quest for the line beginning with Port 22. Normally, this line is remarked out utilizing the hash (#) image. Eliminate the hash # and enter your new SSH port number: 

Port 4422

Be exceptionally cautious when altering the setup document. An erroneous design may forestall the SSH administration to begin. 

When done, spare the record and restart the SSH administration for changes to produce results: 

sudo systemctl restart ssh

In CentOS the SSH administration is named sshd: 

sudo systemctl restart sshd

Check that SSH daemon is tuning in on the new port: 

ss -an | grep 4422

The yield should look something like this: 

tcp   LISTEN      0        128   *
tcp   ESTAB       0        0
tcp   LISTEN      0        128               [::]:4422              [::]:*

Using the New SFTP Port

To indicate the port number summon the sftp order with the - P choice followed by the new port number: 

sftp -P 4422 username@remote_host_or_ip

On the off chance that you are utilizing a GUI SFTP customer, essentially enter the new port in the customer interface. 


The default SFTP port is 22. Notwithstanding, you can change the port to whatever number you need. 

In the event that you are consistently associating with different frameworks, you can improve your work process by characterizing the entirety of your associations in the SSH config record . 

Don't hesitate to leave a remark in the event that you have any inquiries.