What is Default SSH Port Number & How Change it?

Discover what SSH Protocol is, its full form (Secure Shell), and the default SSH Port Number 22. Learn how to secure your connections with SSH for enhanced network security and remote access management.

Updated: 28 Apr, 24 by Antoniy Yushkevych 5 Min

List of content you will read in this article:

Today, secured communication is one of the biggest priorities for every organization, as major tasks are being done by transferring data from one device to another over the network. Thus various strategies are being implemented to ensure complete security to keep the integrity of the data while transferring. Some companies work on crucial data that need to be secured. Thus, they set rules for communicating with other devices over the internet. With this post, you will get a brief understanding of the what is SSH?, default SSH port number, how to change and how it works.

SSH became an extension of the traditional telnet protocol. However, telnet was not that secure and thus replaced by SSH over time. If you are a system administrator, then you might have used ssh. SSH vs Telnet: Understanding the Importance of Secure Connections

An SSH port is a virtual doorway that enables SSH connections between devices. Think of it as a specific address on a server waiting for secure shell communication. Here's how it works:

  • Network Communication: All network communication relies on ports. There are over 65,000 possible ports, each associated with different services.
  • SSH Default PortPort 22 is the standard designated port for SSH connections.
  • Changing the Default: For enhanced security, it's highly recommended to change the default SSH port to a different, less obvious one. This makes it harder for attackers to target your SSH connection.
  • Role in SSH: The SSH port is essential for implementing the SSH protocol, which provides secure remote logins, encrypted file transfers, and other key features.

Key takeaway: An SSH port number acts like a communication channel specifically for SSH traffic, with port 22 being the default.

While port 22 is the standard for SSH, using it leaves your server more vulnerable. Here's why changing it is a smart security practice:

  • Brute-Force Attacks: Automated scripts and bots constantly scan the internet for open port 22, trying to crack passwords with repeated login attempts (brute-force attacks). An unusual port number significantly reduces this risk.
  • Reduced "Noise": A standard SSH port receives constant connection attempts, many of them unauthorized. This generates unnecessary logs and can mask real attack attempts.
  • Security Through Obscurity: It's one layer of defense (not a replacement for strong passwords or firewalls!). Attackers are less likely to spend time probing random ports.
  • Improved Organization: If you manage multiple servers, using different SSH ports can help to identify and manage them more easily.

Important Note: Changing the SSH port isn't foolproof security. Always prioritize strong passwords, use key-based authentication when possible, and keep your SSH server updated.

1. To change default SSH port, you must edit the sshd_config file. Besides, keeping a backup of your file is always a good option. Use this command to create a backup first:

ubuntu@ubuntu:~$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup

This command creates a copy of the file in the same directory.

2. The next step is to change the default SSH port. Open the ssh_config file in any editor. Now, enter the following command:

ubuntu@ubuntu:~$ gedit /etc/ssh/sshd_config

3. After you execute this command, the mentioned file opens in the text editor. Search this line in the code:

#Port 22

4. Now, say you want to shift your port number to 45673. For that, remove the hash (#) sign and insert the desired port number instead of 22. Take a look:

Port 45673

5. Besides, do not forget to whitelist this port on your firewall to avoid locking yourself from your device.

Moving on, it’s time to restart SSH.

6. To restart the server to load the changes, you must follow this command as given below:

ubuntu@ubuntu:~$ sudo service sshd restart

As soon as you restart your device, you can see the changes that you made. Keep in mind the most important security configuration is changing the default SSH port number just after you Purchase Linux VPS.

You can easily test the changes without logging out of your SSH session. Complete Tutorial: Changing the SSH Port on CentOS for Enhanced Security

How to Test the Changes?

After you successfully change the default port, you must mention the port number to establish a connection with the server. Here is the command that you need to execute:

ubuntu@ubuntu:~$ ssh username@userIP -p 45673

You set your port number as 45673.

Therefore, you can see that the process is extremely easy and simple. You need to execute a few commands and are good to go.

This secure shell network is the commonly used process to secure the connection between devices over the network. Many companies have implemented SSH protocols to ensure complete data transfer safety. The default SSH port number is 22. Still, it becomes risky in many scenarios where you need to transfer crucial data. You need to change the SSH port number to prevent a brute-force attack.
In this article, we have mentioned various features and working of SSH Port Number, and It’s working. Using this guide, you can change the Default SSH port number per your requirement. 

Antoniy Yushkevych

Antoniy Yushkevych

Master of word when it comes to technology, internet and privacy. I'm also your usual guy that always aims for the best result and takes a skateboard to work. If you need me, you will find me at the office's Counter-Strike championships on Fridays or at a.yushkevych@monovm.com
user monovm

Ms. Carole Cremin

2024, Jun, 24

Great post! You've done a fantastic job outlining the importance of SSH and the security risks associated with the default port. Changing the default SSH port is an essential step for enhancing server security against brute-force attacks. I especially appreciate the clear, step-by-step guide you provided. This will definitely help a lot of system administrators secure their networks more effectively. Thanks for sharing this valuable information!