Introduction
SSH (Secure Shell) is a widely used protocol for secure remote access to Linux servers. By default, SSH uses port 22 for communication. While this is convenient, it also makes your server a prime target for hackers trying to gain unauthorized access. One effective way to enhance your server's security is to change the default SSH port. In this tutorial, we will walk you through the steps to change the default SSH port on Ubuntu.
Why Change the Default SSH Port?
Changing the default SSH port adds an extra layer of security to your server. Attackers often scan the internet for servers running on port 22 and try to exploit known vulnerabilities. By switching to a non-standard port, you can reduce the likelihood of automated attacks, but keep in mind that security through obscurity should not be your only line of defense. It should be used in conjunction with other security measures like strong passwords, key authentication, and a firewall.
Here are the steps to change the default SSH port on Ubuntu:
Step 1: Connect to Your Server
Before making any changes, log in to your Ubuntu server as the root user or a user with sudo privileges. You can do this using SSH with the existing default port (port 22). Replace 'your_username' and 'your_server_ip' with your actual credentials:
ssh your_username@your_server_ip
Step 2: Edit the SSH Configuration File
Once you are logged in, open the SSH configuration file with your preferred text editor. We'll use nano in this example:
sudo nano /etc/ssh/sshd_config
Step 3: Locate the Port Configuration
In the SSH configuration file, look for the line that specifies the SSH port. By default, it should be #Port 22:
Step 4: Change the Port Number
Uncomment the line and replace the default port number (22) with your desired port number. Make sure to choose a port that is not already in use and is not within the well-known ports range (0-1023). A good practice is to choose a port between 1024 and 49151. For example, you can use:
Step 5: Save and Exit
After making the change, save the file and exit the text editor (in nano, you can press Ctrl + O to save and Ctrl + X to exit).
Step 6: Restart SSH
To apply the changes, you need to restart the SSH service:
sudo systemctl restart ssh
Step 7: Verify the Port Change
Before you log out of your SSH session, open a new terminal window and try to connect to your server using the new SSH port. For example:
ssh your_username@your_server_ip -p 2222
If the connection is successful, you've successfully changed the SSH port. Remember to update your SSH client configuration if you frequently connect to this server from different machines.
Conclusion
Changing the default SSH port on your Ubuntu is a simple yet effective way to enhance security by reducing the visibility of your server to potential attackers. It's essential to implement other security measures alongside this change, such as strong authentication methods and regular software updates, to maintain a secure server environment. That way you can help protect your server from unauthorized access and potential security threats.