Default SSH Port and Security
The default SSH port is
22.As this is very well known, attackers scan this port first. Overall security is not the topic here though. We are focusing strictly on securing SSH access. Here are some common methods.
- Changing the default port (Security by obscurity)
- Private Networking with VPN access (Far more secure)
- Firewall filtering (More secure than simple changing the port)
Security by Obscurity
Obscurity is simply modifying the method at hand just slightly to throw off bots and the average “Joe”. This is the method we are covering in this post. We are going to change the default port from
2234. This is literally the second and most basic technique to securing your Linux instance, physically or virtually. The first of course, a SECURE PASSWORD!
Changing the Default SSH Password
For our instruction, we will be using Ubuntu 16.04 Xenial.
1. Open SSHd configuration file
vim for a majority of my edits. However, you can use any editor you prefer from the terminal.
sudo vim etc/ssh/sshd_config– You’re going to need to edit this file with root permission.
2. Modify the default port
Port 22 to
Port 2234 and then save. To edit using VIM first push “i” for insert on your keyboard. To save push “ESC” then “SHIFT ZZ”. This will write your changes to the file.
sudo service sshd restart. This will restart the service, it will not disconnect you. Prior to disconnect, confirm your settings were set correctly by cat’ing the sshd_conf file.
cat /etc/ssh/sshd_config, you will not need to be root to do this. Once confirmed disconnect using
exit and reconnect.
Although simple, it is effective. Granted, any port scanner would figure it out, it still prevents someone from simply stumbling on in.