How to change SSH server port

SSH service by default runs on port 22. You can change the port that your SSH service runs if you're behind a firewall that only allow other ports.

You can also change the port that your SSH server runs on to reduce automated attack to the common SSH port especially if it's directly exposed to the internet.

SSH can configured to run on ports other than 22 by configuring the Port option in the sshd configuration file.

Steps to change SSH server port:

Launch your preferred terminal application.
Check if the port you plan to assign to your SSH server is not already in use.
```
$ ss -natp | grep 2022
$
```
Edit sshd configuration file with your favourite text editor.
```
$ sudo vi /etc/ssh/sshd_config
```
Search for Port option and set the value to the port that you desire.
```
Port 2022
```
Make sure the line does not begin with # as it implies the line is commented and will be ignored.

Configure firewall to allow access to the configured port (optional, if firewall is enabled).

$ sudo ufw allow 2022/tcp # Ubuntu/Debian
$ sudo firewall-cmd --add-port=2022/tcp --permanent && sudo firewall-cmd --reload # CentOS / Red Hat
success
success

Configure selinux to allow SSH to run on the configured port (optional, if selinux is used).
```
$ sudo semanage port -a -t ssh_port_t -p tcp 2022
```
semanage can be installed on CentOS or Red Hat systems using the following command:
```
$ sudo yum install --assumeyes policycoreutils-python
```
Restart sshd service.
```
$ sudo systemctl restart sshd
```
How to start, restart and stop SSH service

Check if sshd is now running on the configured port.

$ ss -tlnp | grep 2022
LISTEN     0      128          *:2022                     *:*
LISTEN     0      128         :::2022                    :::*

Author: Mohd Shakir Zakaria
Cloud architect by profession but always consider himself as a developer, entrepreneur and an opensource enthusiast.

Discuss the article:

Comment anonymously. Login not required.