Change the Default Listening Port for SSH

Security by obscurity is a known term in the world of computers and one way to make it more troublesome for people trying to bruteforce your VPS is to change the Port that ssh listens to, follow these simple steps and you should be good to go:

As a precaution we copy the configuration file to a backup copy if something goes wrong.

Open the SSH config file with your favourite editor (I use nano):

Look for the Port variable:, it could be commented out, like this:

or enabled, like this:

or it could even be missing.

What we would like it to look like is this (change 1234 to the Port you want to use):

Exit and save the file.

If you have a firewall running, make sure that the new port is opened before we restart the ssh daemon. Restart ssh by running the following command:

CentOS

Debian

 

What ever you do now, do NOT disconnect the open connection or you might end up with a VPS that you can not connect to at all.

Try to connect to the port that you assigned

Linux (change 1234 in the example below to the Port you used):

ssh root@192.168.100.100 -p 1234

Windows (change 22 in the example below to the Port you used):

putty-1

 

 

 

 

 

 

 

If the connection times out or is refused, you can either troubleshoot or restore the old configuration by running the following command:

and restart the ssh service again.

2 comments for “Change the Default Listening Port for SSH

  1. Muhamed Amine
    January 8, 2015 at 22:09

    Thank you for your hrlp my freind, nice web site : )

  2. March 28, 2017 at 06:08

    That is good information to secure a web server, my recommendation would be to keep any numbers higher than 10 thousands and up 55 thousands. Some port scanner application is able to find the accessible port number with lower number than 2 thousand.

Leave a Reply

Your email address will not be published. Required fields are marked *