How to change SSH port on Linux?

This article will show you how to change the SSH port on Linux to help you avoid someone using the default SSH port configuration (port 22) to attack to detect the root account password of VPS/Server Linux.


You can review the article:

Check the SSH port is listening

We need to check which port is being used by SSH to listen for SSH connections to the Linux server. You use the following command to check the current SSH port:

netstat -atnp | grep "ssh"

As the example below you will see the current SSH port is: 22

Check the port SSH

Configure SSH port changes on Linux

You need to specify the port number used for this SSH port change. For example, “6888”, after deciding on a new SSH port number, we need to check whether any services are using the “6888” port.

netstat -atnp | grep ":6888"

If the output has no service programs in use, then port “6888” is available. We will edit the SSH service configuration file ‘ /etc/ssh/sshd_config ‘ as user root.

Search for the line ‘ #Port 22 ‘, remove the ‘ # ‘ at the beginning, and replace it with the port you want to use. If the configuration file is using a different number, replace the content ” Port ” with the port number you want.

For example, “6888”, you should avoid choosing well-known digital ports, ie common ports for other services.

Port 6888

Save the configuration file, check the SSH service configuration syntax, and check whether the syntax is incorrect. If the syntax is wrong, please correct it before continuing.

sshd -t

Open firewall rule for new SSH port

If you are using a firewall on a Linux system, you need to open the port to allow connections to the newly configured SSH port (6888) before restarting the SSH service.
The example below is using the ‘iptables’ firewall.

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 6888 -j ACCEPT

In the case of some cloud servers/VPS services, they have an additional firewall layer to serve themselves, this layer will filter the traffic before it enters the VPS/Linux server. If this is the case, then you need to open the port on the provider’s service interface.

Start SSHd service and test

Restart the SSH service for SSHd to apply the new configuration.

systemctl restart sshd

Next is to test the SSH connection to the new SSH port-port 6888. Remember not to close the terminal or exit the SSH connection during this period. If you log out but are not sure whether you have connected to SSH using the new port, you need time to connect to a separate conforce for this Linux server/vps to fix it.

Now open an SSH Client program like putty on Windows or use the command ‘ ssh ‘ on Linux with the option ‘ -p portnumber ‘ to test the newly configured SSH port service connection.

So, the way to change the SSH port on Linux is simple, right? Good luck!

You May Also Like
About the Author: Anh
Blogger at

Leave a Reply

Your email address will not be published. Required fields are marked *