Changing SSH port in Linux -Stay Safe from Vulnerabilities


The Secure Shell (SSH) is one of the very commonly used protocols which are used for connecting to servers. But it is also very vulnerable to hackers and prone to be attacked.

When we are connecting by default the ssh protocol connects to port 22 which is default port.

I would be showing how to change this value from default to some custom port to avoid attacks on port 22.


Steps:

1) Verify the connection to server is going on port 22.

himanshu@himanshu-ThinkPad-T430 ~ $ ssh -p 22 himanshu@lfcs.lab
himanshu@lfcs.lab's password: 
Last login: Sun Apr  5 15:39:31 2020 from 192.168.56.1

2) Now I don't want connections to be going to port 22 so I will disable port 22 from ssh configuration on server and use some custom port.

Edit file 
[root@lfcs ssh]# vi /etc/ssh/sshd_config

Un-comment Line Port 22 and change 22 as 3022(custom port)

[root@lfcs ssh]# grep -i port /etc/ssh/sshd_config
   Port 3022

3) Restart ssh service

[root@lfcs ssh]# service sshd restart
Redirecting to /bin/systemctl restart sshd.service


4) Try to test connection on ssh.

himanshu@himanshu-ThinkPad-T430 ~ $ ssh -p 22 himanshu@lfcs.lab
ssh: connect to host lfcs.lab port 22: Connection refused

using new port

himanshu@himanshu-ThinkPad-T430 ~ $ ssh -p 3022 himanshu@lfcs.lab
himanshu@lfcs.lab's password: 
Last login: Sun Apr  5 16:13:04 2020