By default, SSH runs on port 22, which is commonly targeted by automated attacks. Changing the SSH port is a simple yet effective way to reduce unauthorized login attempts and improve server security.
Step-by-Step Guide:
Step 1: Connect to Your VPS via SSH
Use your SSH client (like PuTTY or Terminal) to log in as the root user.
Step 2: Edit the SSH Configuration File
Open the SSH config file in a text editor:
nano /etc/ssh/sshd_configStep 3: Find and Change the Port Number
Look for the line that says:
#Port 22Uncomment it (remove the #) and change 22 to your preferred port number, e.g. 2222:
Port 2222Step 4: Save and Exit
In nano, press CTRL + X to exit, then Y to save.
Step 5: Update Your Firewall Rules
Make sure the new SSH port is allowed in your firewall. For example, using ufw:
ufw allow 2222/tcpStep 6: Restart SSH Service
systemctl restart sshdStep 7: Test the New Port
Open a new SSH session and connect using the new port:
ssh -p 2222 root@your_vps_ipTips / Common Issues:
- ✅ Always keep a second SSH session open while testing the new port, so you can revert if something goes wrong.
- ✅ Avoid using ports commonly used by other services (like 80, 443, etc.).
FAQs:
Q: What if I lose connection after changing the port?
You can revert to the default port by editing the sshd_config file again via the VPS console or a backup SSH session.
Q: Is changing the port enough to secure SSH?
It’s a good step, but also consider using SSH keys and disabling password authentication for stronger security.
