Change the default SSH server port number

The Secure Shell (SSH) Protocol is using by default port 22. As a virtual/dedicated server administrator, it’s always a good idea to change this. Changing the port to another number will stop many attacks – as attack tools will try to connect to port 22.

The commands we use are tested on a CentOS distribution with cPanel installed.

If you are using a firewall on your server, whitelist the new port number. After finishing the port change, block the old port number.

To change the SSH port: 

1. Log in to your server as root.

2. Open the /etc/ssh/sshd_config file in a text editor (like vi, nano etc.).

vi /etc/ssh/sshd_config

3. Look for the line

Port 22

4. Change the 22 value to 3700 for example. You can use a port from the User Ports Interval (1024-49151), as assigned by the Internet Assigned Numbers Authority (IANA).

5. Save the file, exit the editor and restart the SSH server.

service sshd restart

6. Open a new terminal window (or using PuTTY) and try to connect to the newly assigned port:

 ssh 3700

Port numbers are assigned in various ways, based on three ranges: System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535); the difference uses of these ranges is described in [RFC6335].

Related KB article: How to install nano editor with yum

Leave a Reply