Change default ssh port from 22 on Debian and Ubuntu

Often it is noted that automated brute force ports tend to attack servers with ssh service on port 22. Of course it is not difficult to scan a port range and determine whether you have ssh running on another port, but usually that happens only in targeted or more sophisticated ports.

So one of the ways you can improve the security of your server is to change the default ssh port from port 22.

Edit /etc/ssh/sshd_config:

Change:

#grep -i port  /etc/ssh/sshd_config
# What ports, IPs and protocols we listen for
Port 22

to

#grep -i port  /etc/ssh/sshd_config
# What ports, IPs and protocols we listen for
Port 959

Restart ssh later:

#service ssh restart
[ ok ] Restarting OpenBSD Secure Shell server: sshd.

Once you do this, commands like ssh-copy-id will not work unless you write it as:

ssh-copy-id -i key "[email protected] -p NewPort"

or specify port in ~/.ssh/config with:

Host iniz
Hostname hostip
User root
Port newport


You are reading this post on Joel G Mathew’s tech blog. Joel's personal blog is the Eyrie, hosted here.