By default, SSH runs on port 22, which is commonly targeted by automated bots and brute-force attacks. Changing the SSH port is a simple yet effective security hardening step for any Linux server.
Step 1: Edit the SSH Configuration File
Open the SSH daemon configuration file:
nano /etc/ssh/sshd_configLook for the following line:
#Port 22Uncomment it and change the port number (example: 2222):
Port 2222Save and exit the file.
Step 2: Validate the SSH Configuration
Before restarting SSH, validate the configuration:
sshd -tIf there is no output, the configuration is valid.
Check exit status:
echo $?
0
Step 3: Restart the SSH Service
For AlmaLinux / Rocky Linux / CentOS / RHEL
systemctl restart sshdFor Ubuntu / Debian
systemctl restart ssh
Step 4: Verify SSH Is Listening on the New Port
ss -tulpn | grep ssh
LISTEN 0 128 0.0.0.0:2222If you still see port 22, the configuration was not applied correctly.
Step 5: Allow the New Port in Firewall
Raise ticket with us to allow any port in firewall.
Step 7: Test SSH Connection (Very Important)
Do not close your current SSH session yet.
Open a new terminal and connect using the new port:
ssh root@SERVER_IP -p 2222If the login is successful, the new SSH port is working correctly.
