As a software developer, one of the most important things you can do to secure your server is to change the default SSH port. By default, SSH servers listen on port 22, which is well-known and easily targeted by attackers. Changing the port will add an extra layer of security to your server, making it harder for attackers to find and target.
In this guide, we’ll go over how to change the SSH server port on a Linux server. We’ll cover the steps you need to take to make this change, as well as some tips for securing your server.
Step 1: Login to Your Server
The first step in changing the SSH server port is to login to your server. You can do this using your preferred SSH client. Once you’ve logged in, you should be at a command prompt.
Step 2: Backup SSH Configuration File
Before making any changes, it’s always a good idea to backup the configuration file. This will allow you to easily revert any changes you make if something goes wrong.
To backup the SSH configuration file, run the following command:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
This will create a backup of the SSH configuration file named sshd_config.bak.
Step 3: Edit SSH Configuration File
Next, we need to edit the SSH configuration file to change the port number. Open the file using your preferred text editor. For example:
sudo nano /etc/ssh/sshd_config
Look for the following line in the file:
#Port 22
Uncomment the line by removing the # and change the port number to your desired value. For example:
Port 2222
Save the file and exit your text editor.
Step 4: Restart SSH Service
To apply the changes we’ve made, we need to restart the SSH service. Run the following command to do so:
sudo systemctl restart sshd
This will restart the SSH service with the new configuration.
Step 5: Test SSH Connection
Finally, we need to test that we can still connect to the server using SSH on the new port number. Open a new terminal window and run the following command:
ssh user@your-server-ip -p 2222
Replace “user” with your username and “your-server-ip” with your server’s IP address. The “-p” flag specifies the port number we just configured.
If everything is working correctly, you should be able to connect to your server using SSH on the new port number.
Tips for Securing Your Server
Changing the SSH server port is just one step in securing your server. Here are some additional tips to help improve the security of your server:
- Use SSH keys instead of passwords: SSH keys are more secure than passwords, as they are not susceptible to brute force attacks. You can generate SSH keys using the
ssh-keygen
command. - Disable root login: Instead of logging in as root, create a new user with sudo privileges and use that account to manage your server. This will help prevent attackers from gaining access to your server using the root account.
- Enable firewall: Use a firewall to restrict incoming traffic to your server. This will help protect your server from network-based attacks.
Conclusion
Changing the SSH server port is an important step in securing your server. By following the steps outlined in this guide, you can easily change the SSH port on your server and add an extra layer of security. Remember to always backup your configuration file before making any changes and to test your connection after making the change.
For additional resources and further reading, check out the following links:
By taking the time to implement these additional security measures, you can help protect your server from attackers and ensure that your data remains safe and secure.
📕 Related articles about Linux
- History of Linux: Achieving Success through Competitive Advantage
- How to use download accelerator in Linux terminal
- How to check disk health status in Linux
- How to add user to group in Linux
- How to recover lost GRUB bootloader in Linux
- How to Disable SSH Timeout