Change the default SSH server port number

The Secure Shell (SSH) Protocol is using by default port 22. As a virtual/dedicated server administrator, it’s always a good idea to change this. Changing the port to another number will stop many attacks – as attack tools will try to connect to port 22.

The commands we use are tested on a CentOS distribution with cPanel installed.
If you are using a firewall on your server, whitelist the new port number. After finishing the port change, block the old port number.

To change the SSH port: 

  1. Log in to your server as root.
  2. Open the /etc/ssh/sshd_config file in a text editor (like vi, nano etc.).
    vi /etc/ssh/sshd_config
  3. Look for the line
    Port 22
  4. Change the 22 value to 3700 for example. You can use a port from the User Ports Interval (1024-49151), as assigned by the Internet Assigned Numbers Authority (IANA).
  5. Save the file, exit the editor and restart the SSH server.
    service sshd restart
  6. Open a new terminal window (or using PuTTY) and try to connect to the new assigned port:
    ssh username@yourserver.com 3700

Port numbers are assigned in various ways, based on three ranges: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535); the difference uses of these ranges is described in [RFC6335].

Related KB article: How to install nano editor with yum

Share this post: