YouTube Icon

Code Playground.

How to Change the SSH Port in Linux


How to Change the SSH Port in Linux

Naturally, SSH tunes in on port 22. Changing the default SSH port adds an additional layer of security to your worker by diminishing the danger of robotized assaults. 

This instructional exercise discloses how to change the default SSH port in Linux. We will likewise tell you the best way to design your firewall to permit admittance to the new SSH port. 

The most ideal approach to shield your worker from assaults is to design your firewall to permit admittance to port 22 just from believed has and set up a SSH key-based verification . 

Changing the SSH Port

Changing the SSH port of a picture is a basic assignment. You should simply to alter the SSH design document and restart the administration. 

The accompanying areas disclose how to change the SSH Port on a Linux framework. 

1. Picking a New Port Number 

In Linux, port numbers under 1024 are held for notable administrations and must be bound to by root. Despite the fact that you can utilize a port inside a 1-1024 territory for the SSH administration to dodge issues with port assignment later on, it is prescribed to pick a port over 1024. 

In this model will change the SSH port to 5522, you can pick any port you need. 

2. Changing Firewall 

Prior to changing the SSH port, you'll have to change your firewall to permit traffic on the new SSH port. 

In the event that you are utilizing UFW, the default firewall setup device for Ubuntu, run the accompanying order to open the new SSH port: 

sudo ufw allow 5522/tcp

In CentOS, the default firewall the executives instrument is FirewallD. To open the new port run: 

sudo firewall-cmd --permanent --zone=public --add-port=5522/tcp
sudo firewall-cmd --reload

CentOS clients likewise need to change the SELinux rules: 

sudo semanage port -a -t ssh_port_t -p tcp 5522

In the event that you are utilizing iptables as your firewall, to open the new port, run: 

sudo iptables -A INPUT -p tcp --dport 5522 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

3. Configuring SSH

Open the SSH setup record/and so forth/ssh/sshd_config with your word processor: 

sudo vim /etc/ssh/sshd_config

Quest for the line beginning with Port 22. Much of the time, this line begins with a hash (#) character. Eliminate the hash # and enter the new SSH port number: 


Port 5522

Be extra cautious while changing the SSH design record. The inaccurate design may cause the SSH administration to neglect to begin. 

When done, spare the record and restart the SSH administration to apply the changes: 

sudo systemctl restart ssh

In CentOS the ssh administration is named sshd: 

sudo systemctl restart sshd

To check that SSH daemon is tuning in on the new port 5522, type: 

ss -an | grep 5522

The yield should look something like this: 

tcp   LISTEN      0        128   *
tcp   ESTAB       0        0
tcp   LISTEN      0        128               [::]:5522              [::]:*

Using the New SSH Port

To determine the port, summon the ssh order followed by the - p <port_number> alternative: 

ssh -p 5522 username@remote_host_or_ip

In the event that you are routinely interfacing with different frameworks, you can disentangle your work process by characterizing the entirety of your associations in the SSH config document . 


In this instructional exercise, you have figured out how to change the SSH port on a Linux worker. You ought to likewise set up a SSH key-based validation and interface with your Linux workers without entering a secret key. 

Don't hesitate to leave a remark on the off chance that you have any inquiries.