How to Change Your Server’s SSH Port

By default the Linux SSH server (usually OpenSSH) listens for connections on port 22.  Everyone knows this, including hackers.  If you have other security measures in place, it may not matter if would-be attackers know your SSH port.  Nevertheless, having SSH on another port other than the default may add a bit of a deterrent to at least keep out the small-time hackers.

Blocking port 22 on your dedicated server is kind of like permanently sealing the front door of your house with a wall and using another door that only you and your family know about.  It would not keep out a determined intruder because he could always search for the other door, but it will confuse the inexperienced attacker and make it more difficult to get in.

To change your SSH port, as root, edit the sshd_config file in your /etc/ssh directory.

vim /etc/ssh/sshd_config

You will find a line that looks like this:

Port 22

Change the number to the port number of your choice.  Make sure it is a port not used by another service.

Port 4583

Save the file and then restart sshd:

/etc/init.d/sshd restart

By changing the port that SSH uses, you will have added a thin layer of security to your server.  It will not stop the more advanced bots, so you will still need to take extra precautions.  Also, make sure you configure your firewall to block port 22 and allow the new port that you have assigned to SSH.