There are many ways to secure your Linux VPS. Changing the default SSH port from the default 22 to another one, is one of the first things you should do to secure your Linux VPS. One of the major benefits of changing the default SSH port is to avoid being scanned by the casual port scans. Thousands of brute-force logins are attempting to gain access to servers around the world trying to login to the default SSH port looking for weak passwords on the default accounts. Some of them will even try to use usual variants such as port 222 or 2222. If you change the SSH port to a random number, for example 2569, you will get rid of most of these annoying, and sometimes dangerous brute-force attacks.
In this article we will show you how to change the default SSH port, to strengthen the security of your Linux VPS.
First of all, login to your server via SSH as user root
Note that if SSH is listening on the default port 22, there is no need to specify the port. When the port will be changed, you will need to specify if when logging to the server via SSH. For example, if SSH is listening on port 1012 we can login to the server using the following command:
ssh root@IP_Address -p1012
Once you are logged in to the VPS as user root update the installed packages.
CentOS / Fedora
yum update -y
Ubuntu / Debian
apt-get update $$ apt-get upgrade
Once the system is updated, open the SSH configuration file with your favorite text editor and find the lines that specifies the SSH port.
vim /etc/ssh/sshd_config #Port 22
Uncomment the relevant line by removing the # sign and change the default port 22 to the one that you want to use. In this article we will use port 1012.
Save the changes and exit.
NOTE: Before changing the port, you should make sure that the new port is free and it is not used by another service on your VPS. You should also check if the port is not closed in your server firewall.
Now, restart the SSH service for the changes to take effect.
service sshd restart
Once restarted, SSH will listen on port 1012. You can check this by executing the following command in the terminal
netstat -tunlp |grep ssh tcp 0 0 0.0.0.0:1012 0.0.0.0:* LISTEN 497/sshd
According to the output of the netstat command, the SSH port is changed, and it is now listening on port 1012.
Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to change the SSH port for you. They are available 24×7 and will take care of your request immediately.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.