Blog

Secure your Server by Changing SSH Port

There are individuals on the internet who want to find SSH servers; they will start probing each IP address on port 22 (the default SSH port). Then, once they have their list of IP addresses with port 22 open, they will start their password brute force to guess the password to have root access to those servers.

While there are many ways to make your server secure, changing the default SSH port would be a basic security measure that you could take to cover your bases.

Follow these steps in order to achieve this.

• Connect to your server via SSH as the root user using an SSH client (E.g PuTTY).
• Run following commands to install nano editor to your server. However, if you are familiar, you can use the default vi editors.

Debian/Ubuntu:

apt-get update
apt-get install nano

RHEL/CentOS:

yum update
yum install nano

• Then, open “/ etc/ ssh/ sshd_config” file using nano editor.
• Locate the following line containing “Port 22”.

• If the above line is commented, uncomment it by removing # at the beginning.
• After that, change SSH port 22 to your desired port number, for example changing it to 2222.

Important: Be sure that you do not pick a port number that is in use by a different service. If you are unsure, Wikipedia has a list of port numbers and their uses.

• Press Ctrl + x, then y, finally Enter to save changes and exit.
• Issue following command to restart sshd service.

service sshd restart

Now you have successfully changed your servers’ SSH port. Remember to specify the new SSH port, when you are connecting to your VPS in the future.

Note: If you are under a firewall, then you have to allow a newly configured port in the server’s firewall.