Today, secure communication is one of the biggest priorities for every organization, as major tasks are done by transferring data from one device to another over the network. Various strategies are therefore implemented to keep the data secure and preserve its integrity during transfer. Some companies work with crucial data that needs to be secured, so they set rules for communicating with other devices over the internet.
Thus, SSH (Secure Shell) came into the picture as an extension to the traditional Telnet protocol. Telnet was not that secure, so it was replaced by SSH over time. If you are a system administrator, you have almost certainly used SSH. If you are not familiar with the term, this article will give you enough knowledge about it.
In this article, we will focus on SSH, how it works, its uses, and how you can change the default SSH port.
What is an SSH port?
Every communication that is done using ssh needs ports to connect and start the communication. Whether the device is wired or wireless, it will require ports. There are more than 65k communication ports available and you can start the communication using any of these ports. By default, all the communication is done using the ssh port number 22 which can be changed and set to any other available port number. Whenever the user runs the command to start the communication between the two devices over the network, the connection will use port number 22.
But if you are carrying out any crucial communication that requires safety, it is recommended that you change the default SSH port number to another one to avoid brute force attacks. Everyone knows that 22 is the default SSH port number, so it is the port most prone to attacks, and any hacker will easily hack your transferred data. Using the SSH port, you can implement the SSH protocol.
SSH, or Secure Shell, is a network protocol that is used to remotely access a server. It provides a secure way to communicate with a device over any sort of unsecured network. The name does not refer only to the security services; it also refers to the suite of utilities that implement the SSH protocol.
Features of SSH Protocol
There are ample features associated with SSH. Let’s dive in!
- SSH comes with strong password authentication, encrypted data communication, and public-key authentication
- It is used to manage systems and applications remotely and allows others to use a device remotely and perform several functions
- It is a cryptographic network protocol and uses the client/server model
- You can create secure tunnels for different application protocols too. Application protocols are further used for terminal emulation or for transferring the files
- Port forwarding
Let's dive into understanding the working mechanism of SSH!
How does SSH work? [A Complete Guide]
The SSH protocol works in the client-server model, where one device is the server and the other device acts as a client. The SSH client initiates the connection and uses public-key cryptography to verify the identity of the SSH server. After the connection has been set up, the SSH protocol uses strong symmetric encryption and hashing algorithms to ensure the privacy and integrity of the data that is transferred between the client and the server.
The below image will show the data flow between both the server and the client.
In the process of working on the SSH protocol, we will be discussing various steps that take place.
- Establishing an SSH connection.
- Session encryption negotiation.
- User authentication.
Establishing an SSH connection
For creating an SSH connection, you need to run a command from the client’s machine as shown below.
Once the command runs, a session encryption negotiation process will start.
Session encryption negotiation
Once the request has been sent to the server, the server will send the client the set of encryption protocols that it supports. The server will then use the public key as the authentication method. The client will match the server’s set of protocols with its own; if the protocols match, both machines will agree to establish the connection and start the data transfer.
The client will compare the public key of the server to the locally stored private key while establishing the connection for the first time. If both the keys match, the client and server will start the symmetric encryption method for communicating during the SSH session. For this communication to occur, they will start communicating using an asymmetrically encrypted process that works on the Diffie-Hellman (DH) key exchange algorithm for securely creating a cryptographic key over a public network. For generating a key, the machines will be performing the following steps:
- Both machines will agree on two numbers: a modulus and a base number. To prevent brute force key decryption, the modulus should be a prime number of at least 600 digits.
- The machines will individually choose one number and apply it to the equation that will involve the two public numbers.
- The server and the client will then exchange these calculated values.
- Each machine will then perform a calculation based on the result received from the other as shown below.
After the process, a shared secret key will be generated that will be shared between both devices.
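The four steps written out, as an added worked example that is not part of the original article. The symbols p, g, a, b, A, B and s are names chosen here, and the numbers in the last line are toy values far below the 600-digit modulus recommended above:

$$
\begin{aligned}
&\text{Step 1 (public): prime modulus } p,\ \text{base } g \\
&\text{Step 2: client picks secret } a,\ A = g^{a} \bmod p; \quad \text{server picks secret } b,\ B = g^{b} \bmod p \\
&\text{Step 3: client sends } A,\ \text{server sends } B \\
&\text{Step 4: client computes } s = B^{a} \bmod p; \quad \text{server computes } s = A^{b} \bmod p \\
&\text{Both sides hold } s = g^{ab} \bmod p,\ \text{while only } p,\ g,\ A,\ B \text{ crossed the network.} \\
&\text{Toy values: } p = 23,\ g = 5,\ a = 4,\ b = 3 \Rightarrow A = 4,\ B = 10,\ s = 10^{4} \bmod 23 = 4^{3} \bmod 23 = 18
\end{aligned}
$$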
User authentication
The most commonly used SSH user authentication methods are passwords and SSH keys. The client sends the encrypted password to the server securely. However, in some scenarios, passwords are considered to be a risky authentication method, as the strength of a password depends on how the user creates it.
Using asymmetrically encrypted SSH public-private key pairs is considered to be a better option than passwords. Once the client decrypts the message, the server will grant the client the required access to the system.
For generating an SSH key pair, you need to type ssh-keygen in the terminal. Then, the system will generate and store the keys as shown below.
SSH was introduced to update insecure terminal emulation programs, for instance, rlogin or Telnet. SSH performs the same functions with more flexibility and comfort. It also replaces several file transfer programs, for instance, FTP (File Transfer Protocol) and RCP (Remote Copy).
The primary aim of SSH is to connect to a remote host for a terminal session. You use the following command to achieve the task:
What does this command do?
Well, this command will help the client to connect to the server.
Moving onto the next segment, SSH has various uses associated with it; take a look.
Uses of SSH
- By default, you will get an SSH terminal on Mac, Windows, and Unix operating systems
- Various kinds of communications can be secured with the help of SSH connections between a remote host and a local machine
- It is also used to manage routers, virtualization platforms, server hardware, file transfer applications, and much more
- You can also connect to servers, use tools or the terminal to upload and exit
- SSH keys come with SSO, or single sign-on, that helps the users to move between the accounts without inserting the password every time
Additionally, it plays an important role in access management and identity management. The SSH traffic is highly encrypted as well. It also assists you with the secure issuance of commands on several remote devices. You can expect secured as well as automated file transfers. Along with that, be assured of security management of your network infrastructure components.
In a nutshell, SSH is widely used in scripts and other software to securely access data and resources remotely. Now, let us turn our focus to our core topic, that is, the SSH default port.
What is Default SSH Port Number?
As we have discussed above, every communication is done over the default SSH port number, which is 22. This port is considered to be unsafe for carrying out crucial transfers, as everyone knows that the default port number is 22. It is a smart move to change the default port number to some other port to avoid brute force attacks. A connection between a wired and a wireless machine is carried out via ports. In total, there are 65,536 communication ports, and by default SSH uses port number 22 for communication.
Whenever you run a command through the default SSH port number 22, a connection is established between the client and the server. Every connection is initialized through this port. There are several instances where the default SSH port number needs to be changed for security purposes. Such security measures become necessary to protect the server from brute force attacks.
A brute force attack is a trial-and-error method of cracking protected data, for instance, figuring out passwords through exhaustive effort instead of algorithms. It basically means to hit and try until you crack the code. Additionally, since port 22 is the default port for communication, it becomes easier for an unauthorized party to access data.
When you switch this port to some other, the hacker has to try several other ports to ultimately find an open one. Therefore, this step can be taken to keep any hacker out.
But, the question is, what’s the method to change the default SSH port?
How to Change the Default SSH Port
To change your default SSH port, you have to edit the sshd_config file. Besides, it is always a good option to keep a backup of your file. Use this command to create a backup first:
ubuntu@ubuntu:~$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
This command creates a copy of the file in the same directory. The next step is to change the default SSH port. Open the sshd_config file in any editor by entering the following command:
ubuntu@ubuntu:~$ sudo gedit /etc/ssh/sshd_config
After you execute this command, the file opens in the text editor. Search for this line in the file:
Now, say, you want to shift your port number to 45673. For that, simply remove the hash (#) sign and insert the desired port number instead of 22. Take a look:
Besides, do not forget to whitelist this port on your firewall to avoid locking yourself out of your device.
Moving on, it’s time to restart SSH.
To restart the SSH server so that it loads the changes, run the command given below:
ubuntu@ubuntu:~$ sudo service sshd restart
As soon as the service restarts, the changes that you made take effect.
Now, you can easily test the changes without logging out of your SSH session.
How to Test the Changes?
After you successfully change the default port, you must specify the port number to establish a connection with the server. Here is the command that you need to execute:
ubuntu@ubuntu:~$ ssh username@userIP -p 45673
You set your port number as 45673.
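The backup and edit steps above as one repeatable function, added here as an example and not taken from the original article. `set_sshd_port` and `active_ports` are hypothetical helper names, and the function assumes the file contains the stock `#Port 22` or an active `Port` line (it appends one if neither is present).

```shell
#!/usr/bin/env bash
# Added example: the backup and edit steps above as a repeatable function.
# It only touches the file you pass in, so try it on a copy first.

# set_sshd_port FILE PORT: back up FILE, then make PORT the only listening port.
set_sshd_port() {
    local cfg="$1" port="$2" tmp
    # Accept only a decimal integer in 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }

    cp -p "$cfg" "${cfg}_backup" || return 1   # same backup name as the article
    tmp=$(mktemp) || return 1
    awk -v port="$port" '
        function emit() { if (!done) { print "Port " port; done = 1 } }
        # Port is a global keyword: set it before the first Match block.
        tolower($1) == "match" { emit(); inmatch = 1 }
        !inmatch && tolower($0) ~ /^[ \t]*#?[ \t]*port[ \t]+[0-9]+[ \t]*$/ {
            if (!done) { emit(); next }                   # "#Port 22" or "Port 22"
            if ($0 !~ /^[ \t]*#/) { print "#" $0; next }  # disable extra listeners
        }
        { print }
        END { emit() }                                    # file had no Port line
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$cfg" && rm -f "$tmp"   # overwrite in place: keeps owner and mode
}

# active_ports FILE: print the Port values set in the global section of FILE.
active_ports() {
    awk 'tolower($1) == "match" { exit } tolower($1) == "port" { print $2 }' "$1"
}

# On the server itself, as root, with the current SSH session left open:
#   set_sshd_port /etc/ssh/sshd_config 45673
#   sshd -t && service sshd restart    # -t checks the file before the restart
#   ssh username@userIP -p 45673       # test from a second terminal
```

Running `sshd -t` before the restart catches a syntax error while the old daemon is still serving your session, and testing from a second terminal leaves a way back in if the firewall has not been opened for the new port.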
Therefore, you can see that the process is extremely easy and simple. You need to execute a few commands and you are good to go.
Today, SSH is commonly used to secure the connection between devices over the network. Many companies have implemented the SSH protocol to ensure complete data transfer safety. By default, the SSH port number is 22, but it becomes risky in many scenarios where you need to transfer crucial data. You need to change the SSH port number to prevent a brute-force attack.
In this article, we have covered various features of SSH and how it works. Using this guide, you will be able to change the port number as per your requirement. This guide will help you to understand the basics of SSH and its default port.