ssh security tip | Change sshd listening portFollow @ggarron
There a lot of ways to protect access to Linux Operating System driven servers trough ssh ports, this is just another one.
This is somehow, like covering your house’s front door with bricks and enabling another door, where only you and your family knows. That way the first thing a burglar needs to do, is to find the door, only after that he will be able to try to open it.
ssh listen to port 22 by default, but you can change that behaviour, and the bots will not be able to attack your Linux server as they usually only attack to port 22.
How to change the default ssh port from 22 to other one
First locate the file
sshd_config which should be located at:
Edit it with your favorite text editor, mine is vim.
That should be done as root.
Look for this line:
Change it to an unused port in your system, I am going to put here as an example, port 421
So, it should look like this:
Port 421 #ListenAddress 0.0.0.0
You may want to also change the
ListenAddress to bind only the interface you are using to access your server.
Once that is done, restart the
Debian / Ubuntu
That should be also done as root, or using sudo command
Now to access your server you need to run:
ssh -l <user> -p 421
Remember that no matter which method or combination of methods, you use to secure your server, probably, the best one, is to have really strong passwords, and change them frequently.
Also, always check your logs files.