How to change the ssh port on Linux or Unix server

I am a new Linux/Unix server admin. How do I change the SSH Port for my Linux or Unix server using command line option?

You can easily change the SSH Port for Your Linux or Unix server. The ssh port defined in sshd_config file. This file located in
/etc/ssh/sshd_config location.

Procedure to change the SSH Port for Linux or Unix Server

  1. Open the terminal application and connect to your server via SSH.
  2. Locate sshd_config file by typing the find command.
  3. Edit the sshd server file and set Port option.
  4. Save and close the file
  5. Restart the sshd service to change the ssh port in Linux.


Locate sshd_config file by typing the following command

$ find / -name "sshd_config" 2>/dev/null
Sample outputs:

/etc/ssh/sshd_config

The find command try to locate sshd server config file named sshd_config. I added the 2&gt/dev/null at the end to hide find command permission denied messages warning/spam.

Edit the file and set Port option

Type the following command:
$ sudo vi /etc/ssh/sshd_config


Locate line that read as follows:
Port 22
OR
#Port 22

To set the port to 2222, enter:
Port 2222



Save and close the file. Please note that port numbers 0-1023 are reserved for various system services. Hence, I recommend choosing port numbers between 1024 and 65535. Here is a common list of privileged services and designated as well-known ports:

Port

Protocol

Service

20

tcp

ftp-data

21

tcp

ftp server

22

tcp

ssh server

23

tcp

telnet server

25

tcp

email server

53

tcp/udp

Domain name server

69

udp

tftp server

80

tcp

HTTP server

110

tcp/udp

POP3 server

123

tcp/udp

NTP server

443

tcp

HTTPS server

Use the cat command/grep command/egrep command to see internet network services list:
cat /etc/services
less /etc/services
more /etc/services
grep -w '22/tcp' /etc/services
grep SSH /etc/services
grep -w '80/tcp' /etc/services
egrep -w '(80|443|110|53)/tcp' /etc/services


Viewing or choosing a new SSH port number in Linux

A note about SELinux users

You must type the following command to change port to 2222:
# semanage port -a -t ssh_port_t -p tcp 2222

Updating your firewall to accept the ssh port 2222 in Linux

If you are using UFW on a Ubuntu/Debian Linux, type:
$ sudo ufw allow 2222/tcp
The syntax for iptables is as follows
$ sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
The syntax for pf firewall is as follows (FreeBSD/OpenBSD/NetBSD Unix) in your pf.conf:
pass log on $ext_if proto tcp to any port 2222 keep state
To open the new port run the following commands on Fedora/CentOS/
RHEL/Oracle Linux using FirewallD
$ sudo firewall-cmd --permanent --zone=public --add-port=2222/tcp
$ sudo firewall-cmd --reload

Warning: You must update your firewall settings to accept new port. Otherwise the following command will lock down your ssh access.

Restart the sshd service

Type the following command on a CentOS/RHEL/Fedora Linux:
$ sudo service sshd restart
OR if you are using CentOS/RHEL/Fedora Linux with systemd:
$ sudo systemctl restart sshd
OR if you are using Ubuntu/Debian/Mint Linux:
$ sudo service ssh restart
OR if you are using Ubuntu/Debian/Mint Linux with systemd:
$ sudo systemctl restart ssh
Or if you are using FreeBSD Unix, enter:
$ sudo service sshd restart

How to verify that TCP port 2222 opened

Use the netstat command or ss command:
ss -tulpn | grep 2222
netstat -tulpn | grep 2222

How to use the new SSH port with command line

The syntax is:
ssh -p {port} user@server
sftp -P {port} openssh-server
scp -P {port} source target
scp -P {port} /path/to/foo user@server:/dest/
For example:
ssh -p 2222 vivek@server1.cyberciti.biz

Conclusion

This page explained how to change the SSH port on both Linux and Unix-like systems including ssh command line option for connecting the server.

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to redirect HTTP to HTTPS

If you work with the Apache web server and can change its configuration, follow the Apache...

Install Postfix MTA on Ubuntu 16.04 / 17.10 / 18.04

Postfix is a widely used Mail Transfer Agent (MTA) that most Linux systems use to router email...

How To Install Docker on Ubuntu 18.04 & 16.04 LTS

  Docker is container-based application framework, which wraps a specific application with all...

Install Apache, MariaDB, PHP and PhpMyAdmin in Ubuntu 18.04

Step 1: Install Apache Web Server on Ubuntu 18.04 1. First start by updating your software...

How to install OpenLDAP on Ubuntu 18.04

  LDAP is the Lightweight Directory Access Protocol, which allows for the querying and...