How to change the ssh port on Linux or Unix server


I am a new Linux/Unix server admin. How do I change the SSH Port for my Linux or Unix server using command line option?

You can easily change the SSH port for your Linux or Unix server. The ssh port is defined in the sshd_config file, which is located at /etc/ssh/sshd_config.

Procedure to change the SSH Port for Linux or Unix Server

  1. Open the terminal application and connect to your server via SSH.
  2. Locate sshd_config file by typing the find command.
  3. Edit the sshd server file and set Port option.
  4. Save and close the file
  5. Restart the sshd service to change the ssh port in Linux.

Change the ssh port on Linux or Unix openssh server

Locate sshd_config file by typing the following command

$ find / -name "sshd_config" 2>/dev/null
Sample outputs:

/etc/ssh/sshd_config

The find command tries to locate the sshd server config file named sshd_config. I added 2>/dev/null at the end to hide the find command's permission denied warning messages.

Edit the file and set Port option

Type the following command:
$ sudo vi /etc/ssh/sshd_config
Locate the line that reads as follows:
Port 22
OR
#Port 22
To set the port to 2222, enter:
Port 2222
Save and close the file. Please note that port numbers 0-1023 are reserved for various system services. Hence, I recommend choosing a port number between 1024 and 65535. Here is a list of common privileged services and their designated well-known ports:

Port    Protocol    Service
20      tcp         ftp-data
21      tcp         ftp server
22      tcp         ssh server
23      tcp         telnet server
25      tcp         email server
53      tcp/udp     Domain name server
69      udp         tftp server
80      tcp         HTTP server
110     tcp/udp     POP3 server
123     tcp/udp     NTP server
443     tcp         HTTPS server

Use the cat command/grep command/egrep command to see internet network services list:
cat /etc/services
less /etc/services
more /etc/services
grep -w '22/tcp' /etc/services
grep SSH /etc/services
grep -w '80/tcp' /etc/services
egrep -w '(80|443|110|53)/tcp' /etc/services

Figure: Viewing or choosing a new SSH port number in Linux
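
The edit described above can also be scripted. The following is an added example, not part of the original tutorial: it rewrites an active Port line, or else the commented #Port line, or else inserts the directive at the top of the file. The name set_ssh_port is hypothetical, and the script assumes the whitespace-separated "Port N" form shown on this page.

```shell
#!/bin/sh
# Added example: set_ssh_port is a hypothetical helper, not part of OpenSSH.
# Usage: set_ssh_port /etc/ssh/sshd_config 2222
set_ssh_port() {
    cfg=$1
    port=$2
    # Accept only plain decimal numbers in the unprivileged range 1024-65535.
    case $port in
        ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
        echo "port must be between 1024 and 65535" >&2
        return 1
    fi
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }

    cp -p "$cfg" "$cfg.bak" || return 1      # keep a copy to roll back to
    tmp=$(mktemp) || return 1

    # Pass 1 (NR == FNR) records whether an active or a commented Port line
    # exists. Pass 2 rewrites the first active line, or else the first
    # commented one, or else inserts the directive at the top of the file so
    # that it cannot end up inside a trailing Match block.
    # Assumes the whitespace-separated "Port N" form shown on this page.
    awk -v p="$port" '
        NR == FNR {
            if (tolower($1) == "port") active = 1
            else if ($0 ~ /^[ \t]*#[ \t]*Port[ \t]+[0-9]+/) commented = 1
            next
        }
        FNR == 1 && !active && !commented { print "Port " p }
        !done && ((active && tolower($1) == "port") ||
                  (!active && $0 ~ /^[ \t]*#[ \t]*Port[ \t]+[0-9]+/)) {
            print "Port " p
            done = 1
            next
        }
        { print }
        END { if (NR == 0) print "Port " p }
    ' "$cfg.bak" "$cfg.bak" > "$tmp" && cat "$tmp" > "$cfg"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

After running it against /etc/ssh/sshd_config as root, check the file with sudo sshd -t before restarting the service. Keep your current session open until a login on the new port succeeds.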

A note about SELinux users

If SELinux is enabled, you must type the following command to allow sshd to use port 2222:
# semanage port -a -t ssh_port_t -p tcp 2222

Updating your firewall to accept the ssh port 2222 in Linux

If you are using UFW on an Ubuntu/Debian Linux, type:
$ sudo ufw allow 2222/tcp
The syntax for iptables is as follows:
$ sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
The syntax for pf firewall is as follows (FreeBSD/OpenBSD/NetBSD Unix) in your pf.conf:
pass log on $ext_if proto tcp to any port 2222 keep state
To open the new port, run the following commands on Fedora/CentOS/RHEL/Oracle Linux using FirewallD:
$ sudo firewall-cmd --permanent --zone=public --add-port=2222/tcp
$ sudo firewall-cmd --reload

Warning: You must update your firewall settings to accept the new port. Otherwise, the following command will lock you out of your ssh access.

Restart the sshd service

Type the following command on a CentOS/RHEL/Fedora Linux:
$ sudo service sshd restart
OR if you are using CentOS/RHEL/Fedora Linux with systemd:
$ sudo systemctl restart sshd
OR if you are using Ubuntu/Debian/Mint Linux:
$ sudo service ssh restart
OR if you are using Ubuntu/Debian/Mint Linux with systemd:
$ sudo systemctl restart ssh
Or if you are using FreeBSD Unix, enter:
$ sudo service sshd restart

How to verify that TCP port 2222 is open

Use the netstat command or ss command:
ss -tulpn | grep 2222
netstat -tulpn | grep 2222

How to use the new SSH port with command line

The syntax is:
ssh -p {port} user@server
sftp -P {port} openssh-server
scp -P {port} source target
scp -P {port} /path/to/foo user@server:/dest/

For example:
ssh -p 2222 vivek@server1.cyberciti.biz

Conclusion

This page explained how to change the SSH port on both Linux and Unix-like systems, including the ssh command line option for connecting to the server. For further information please see the following resources:

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting.