How to: Change SSH port number on Linux [Guide]

SSH can be confusing for those new to Linux. If you’re a Linux user and you’re trying to change the SSH port number, we’ve got you covered. Follow along with this guide as we show you how to change the SSH port number on Linux!

Before we begin

SSH (AKA Secure Shell) is a cryptographic network protocol for carrying out network operations over a secure network. On Linux, SSH is mostly run on servers to give users remote console-command access over the internet or LAN. However, this is not the only Linux application for SSH, as it is also used to interact between Linux workstations.

In this guide, we’ll go over how you can change the default port on your OpenSSH server from port 22 to something more secure. However, you should know that you must have an SSH server running before attempting to change the port.

If you’re intending to set up an SSH server and want to know how to change the port from 22 to something different, please first follow our guide on setting up an OpenSSH server on Linux.

SSH Clients

Need a good client to connect to your SSH server? Do yourself a favor and check out the EasySSH app for Linux. It takes the confusing nature of SSH and simplifies it so that you can connect without a fuss. For more information on the EasySSH client for Linux, click here.

Change SSH port number

To change the default SSH port on the OpenSSH server in Linux, you will need to stop the server from running. The OpenSSH server can quickly be shut down on most Linux operating systems using the Systemd runtime tool.

Open up a terminal on the Linux device running the SSH server. If you are running SSH on a server, you will not be able to do this remotely! Connect a keyboard and get to work.

Once the terminal window is open, execute the systemctl sshd status command in the terminal. This status command will tell you if the SSH server is up and running. If it says “Active: active (running),” the OpenSSH server software is operating normally.

systemctl status sshd

To shut off the SSH server, make use of the systemctl stop command. This command will immediately turn off the sshd.service file, thus killing your SSH server for the time being.

sudo systemctl stop sshd

To confirm that the systemctl stop command indeed shut down the OpenSSH server, re-run the status command. If the systemctl stop command indeed successfully killed the OpenSSH server, you will see “Active: inactive (dead)” in the output.

systemctl status sshd

With the server closed, it is time to open up the OpenSSH server configuration file. To do this, use the following nano command below.

Note: in this guide, we’re focusing on the Nano text editor as it is easy to understand for most users and has a simple user interface. Feel free to change out Nano for your favorite terminal-based text editor instead!

sudo nano -w /etc/ssh/sshd_config

Look through the Nano text editor for #Port 22 in the code. The # symbol turns off this line of code. As a result, your SSH server is likely using the default SSH port instead of having one specified.

To change the port, delete the # symbol in front of #Port 22 and change the “22” number to a different port. Don’t just choose any port, though, as some ports may already be in use by other software on your server, etc.

Once you’ve successfully changed the port in the configuration file, press the Ctrl + O keyboard combination in the Nano text editor to save the changes. After that, press the Ctrl + X keyboard combination to close the editor.

Once the Nano text editor is closed, execute the systemctl start sshd command. This command will start the OpenSSH server again. From here, your SSH server will be running on a different port number!

Connecting over SSH with a different port number

Connecting over SSH is different when your OpenSSH server isn’t using the default port 22. No longer will you be able to initiate a connection by merely specifying the hostname and the domain name. You’ll instead have to make use of the -p command-line switch to specify the port.

To connect over the command-line to an SSH server that is not running on port 22, do the following.

ssh -p CUSTOM_PORT_NUMBER my-user-name@host-name-or-ip

If you forget to add the custom port number, you can add an alias to your .bashrc file.

Open up the .bashrc file in the Nano text editor with the command below.

nano ~/.bashrc

Create a new line at the bottom of the file to make room for the new alias by pressing the Enter key. Then, add in the alias. Be sure to change “CUSTOM_PORT_NUMBER” in the alias to reflect your port.