To run the SSH server on a port other than the default port (22), you will need to edit the
/etc/ssh/sshd_config file and change the following line:
# Port 22
to specify the port number that you want to use. For example, to use port 2222, you would change the line to:
Then, save the file and restart the SSH server using the following command:
systemctl restart ssh
This will cause the SSH server to listen on the specified port. You will need to use this port number when connecting to the server using an SSH client.
It is generally recommended to use the default port (22) for the SSH server, as this is the port that most users and automated systems expect to find it on. If you choose to use a different port, you may need to specify the port number when connecting to the server using an SSH client (e.g.
ssh firstname.lastname@example.org -p 2222).
Here are a few more details about running the SSH server on a non-default port:
- When specifying a port number in the
/etc/ssh/sshd_configfile, you must use a number between 1 and 65535. Port numbers below 1024 are reserved for privileged services and are typically only bound to by system processes or by programs executed by privileged users.
- It is generally recommended to use a port number above 1024 for the SSH server, as this reduces the risk of conflicting with reserved ports.
- If you are using a firewall on your system, you will need to allow incoming connections on the specified port in order for the SSH server to be reachable from the outside. For example, on a system running iptables, you can allow incoming connections on port 2222 with the following command:
iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
- Some SSH clients allow you to specify the port number using a command-line option (e.g.
ssh -p 2222 email@example.com), while others require you to specify the port number in the hostname (e.g.
ssh firstname.lastname@example.org:2222). Consult the documentation for your SSH client for more information.
- If you are running the SSH server on a non-standard port to increase security, keep in mind that this is only one of many steps that you can take to secure your system. Other steps might include enabling public key authentication, disabling password authentication, and configuring firewall rules to limit access to the SSH server.