Introduction

There a lot of ways to protect access to Linux Operating System driven servers trough ssh ports, this is just another one.

This is somehow, like covering your house’s front door with bricks and enabling another door, where only you and your family knows. That way the first thing a burglar needs to do, is to find the door, only after that he will be able to try to open it.

ssh listen to port 22 by default, but you can change that behaviour, and the bots will not be able to attack your Linux server as they usually only attack to port 22.

How to change the default ssh port from 22 to other one

First locate the file sshd_config which should be located at: /etc/ssh/

Edit it with your favorite text editor, mine is vim.

vim /etc/ssh/sshd_config

That should be done as root.

Look for this line:

Port 22

Change it to an unused port in your system, I am going to put here as an example, port 421

So, it should look like this:

Port 421
#ListenAddress 0.0.0.0

You may want to also change the ListenAddress to bind only the interface you are using to access your server.

Once that is done, restart the sshd service.

Debian / Ubuntu

/etc/init.d/sshd restart

Arch Linux

/etc/rc.d/sshd restart

Slackware Linux

/etc/rc.d/rc.sshd restart

That should be also done as root, or using sudo command

Now to access your server you need to run:

ssh -l <user> -p 421

Conclusion

Remember that no matter which method or combination of methods, you use to secure your server, probably, the best one, is to have really strong passwords, and change them frequently.

Also, always check your logs files.