how to change the default ssh port in linux

One of the best ways to connect to a remote machine is by using the ssh protocol. *S*ecure *S*ocket *S*hell (or ssh) is a cryptographic network protocol that allows you to securely connect to a remote machine. It also refers to a suite of utilities that implement the protocol, such as the ssh server and an ssh client.

In order for you connect to the remote machine, the remote machine should be running an ssh server. Most Linux machines have a ssh server running as daemon listening to a port that accept incoming connections. By default, the ssh server (or sshd) runs on port number 22. Although, this is the default port, you can easily change the port to another one with some configuration.

All the configurations for the ssh is defined in the ssh_config file in the etc/ssh folder. In order to make changes to the default configuration, you will need the appropriate permissions to modify this file. Open the configuration in a text editor such as vi, and with superuser or appropriate permissions to modify the file.

$ vi /etc/ssh/sshd_config

In the config file, look for an entry for Port. This is usually the very first setting in the file. Most times, it is a commented out as well, especially if you are using the default port which is 22. Edit the line, removing the comment if necessary (the # character at the start of the line) and change the port number to the value to want.

To change the port to something like 238, you will modify the line to Port 238 as shown in the screenshot below.


You should make sure that the new port that you have modified to is not currently being used by any other process on the system.

Once you have modified the file, save the file and exit the text editor. In order for the new configuration to take effect you will need to restart the sshd service. On most Linux distros, you can easily restart a service with the following command.

$ /etc/init.d/ssh restart

You will need to be a super user in order start, stop or restart services. Once you have successfully restarted the ssh service, you can connect to the new ssh port as you always did, but by specifying the specific port number.

$ ssh -v user@hostname -p 238

Sometimes changing the ssh port is sometimes viewed as a security feature. To be honest, it does not provide much protection as a quick scan of your ports can easily show which port the ssh server is running on. In most situations, you can usually stick with the default port.