In this article, you will learn how to change the SSH port from any predefined to another preferable port.

If you wish to change your SSH port to default port 22 we suggest avoiding it as in its default configuration, an SSH server will listen for incoming connections on Transmission Control Protocol (TCP) port 22. Because this is a standardized, well-known port, it is a target for threat actors and malicious bots.

For Ubuntu 16.04/18.04/20.04 :

After you log in as root to your server run the following command to edit the sshd_config file to apply any changes on a preferable port

$ nano /etc/ssh/sshd_config

Find the line that starts with Port 51821

Port 51821
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

In this case, we will change the predefined port to default port 22

Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Save and exit the nano text editor.

In order to apply the changes for sshd_config, it requires restarting the sshd.service on your server.

To do so, run the following command :

$ systemctl restart sshd.service

If you have applied firewall rules on your server, keep in mind that you will have to proceed by adding port to allow list in order to allow incoming connections.

For CentOS 6/7/8 :

After you log in as root to your server run the following command to edit the sshd_config file

$ vi /etc/ssh/sshd_config

Use the arrow keys to scroll through the file until you locate the following text

Port 51821
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Place the cursor on the line below Port 51821 and press the i key to enter Insert Mode. After you enter to insert mode, change the port to the preferable port you wish to use for SSH connection. In this case we will change from port 51821 to default port 22 as seen below

Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Lastly, press the Esc key to exit Insert Mode. Next, save the configuration file by quitting vi by typing :wq and pressing the Enter key.

In order to apply the changes of sshd_config file, run the following command

$ systemctl restart sshd

Update your firewall to ensure that incoming connections are allowed to the newly specified port. Enter the following two lines:

$ sudo firewall-cmd --add-port=22/tcp --permanent
success
$ sudo firewall-cmd --remove-service=ssh --permanent
success

For both Linux Distros, to verify that configurations applied successfully try to ssh on your server to the port that you have set. For example, if you changed the predefined port 51821 to port 2021 run the following command

$ ssh -p 2021 root@YOUR_SERVERS_IP_ADDRESS