How to change the ssh port on Linux or Unix server

Estimated reading: 2 minutes 0 views

By default, port 22 is used to establish an SSH connection. This port is automatically configured during the installation of your operating system.

To reduce the number of brute force attacks, you can configure another port for SSH access.

Please Note

Before changing the port, please make sure that the applications and services installed on the server can be configured without a default port. Otherwise, changing the default port may cause these applications and services to stop working.

To make sure you can back up the sshd_config file first:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

1, Open the SSH configuration file sshd_config with the text editor vi:

vi /etc/ssh/sshd_config

2, Search for the entry Port 22.

3, Replace port 22 with a port between 1024 and 65536.

4. Open the firewall port

Since each server, you will use a different firewall application. So please choose the corresponding applications below to open the port.

  • For servers using Firewalld

If you use Firewalld open the port and reload with the following command.

firewall-cmd --permanent --zone=public --add-port=5555
firewall-cmd --reload/tcp
  • For servers using ufw (UIbuntu/Debian)

If you use ufw enter the following command to change the port

ufw allow 5555/tcp
  • For servers using iptables

With iptables, enter the following commands sequentially to open the port, start and check the opened port.

iptables -I INPUT -p tcp -m tcp --dport 5555 -j ACCEPT
service iptables restart
iptables -L -n

5. Restart the service.


systemctl restart sshd


service ssh restart

Now you can SSH through the new port

Hopefully, this article will be useful for you. Good luck!

Leave a Comment