How to change the SSH server port

By default, the SSH service operates on port 22. If your server is behind a firewall that blocks this default port, you must change the port to enable SSH access. Additionally, running SSH on a non-standard port can reduce the risk of automated attacks, especially when the server is exposed to the internet.

Changing the SSH port is straightforward. You must select a new port number not currently in use by other services. This helps prevent conflicts and ensures that your SSH service operates smoothly on the chosen port.

Once the new port is configured, it is important to adjust your firewall settings to allow traffic on the new port. If your server uses SELinux, additional configuration is required to permit SSH traffic on the new port. Finally, restart the sshd service to apply the changes.

Steps to change SSH server port:

Open your terminal application.
Verify that the new port is not already in use.
```
$ ss -natp | grep 2022
$
```
Open the sshd_config file with a text editor.
```
$ sudo vi /etc/ssh/sshd_config
```
Find the Port directive and set it to the desired port number.
```
Port 2022
```
Make sure the line does not begin with # as it implies the line is commented and will be ignored.
Save and close the configuration file.

Update the firewall to allow traffic on the new port (optional, if firewall is enabled).

$ sudo ufw allow 2022/tcp # Ubuntu/Debian
$ sudo firewall-cmd --add-port=2022/tcp --permanent && sudo firewall-cmd --reload # CentOS / Red Hat
success
success

Configure selinux to allow SSH to run on the configured port (optional, if selinux is used).
```
$ sudo semanage port -a -t ssh_port_t -p tcp 2022
```
semanage can be installed on CentOS or Red Hat systems using the following command:
```
$ sudo yum install --assumeyes policycoreutils-python
```
Restart the sshd service to apply the changes.
```
$ sudo systemctl restart sshd
```
Related: How to start, restart, and stop the SSH server service

Confirm that the SSH service is running on the new port.

$ ss -tlnp | grep 2022
LISTEN     0      128          *:2022                     *:*
LISTEN     0      128         :::2022                    :::*

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.