Verified and Tested 4/21/15
In this tutorial, we will be showing you how to change the SSH port in Ubuntu and Debian. For the purposes of this walkthrough, the operating system we created is a brand new Ubuntu 14.04 64 bit Cloud server. This also works in our Ubuntu 12.04 OS as well as our Debian Cloud Servers. We will be using the vi editor for our file editing needs. Feel free to download and use any editor that you feel comfortable with.
Believe it or not, one of the simplest things you can do to secure your server is to change the SSH port. Since SSH defaults to port 22, you will see a lot of brute force attacks occurring over that port as a lot of users do not change this default SSH port.
An Ubuntu 14.04 64 bit server. If you do not currently have a server, consider one of the affordable hosting solutions from Atlantic.Net.
Change your SSH Port in Ubuntu and Debian
The first thing we want to do is SSH into our server using your preferred SSH client. Be sure that if you are using a custom user, that you have sudo rights.
Once you have logged into the server, let’s open our SSH configuration.
For the above image, you can see where the configuration file states “Port 22.”
To change the SSH port, you simply need to change the 22 to any number that you would like to use, provided it is a port another program does not run on. For a list of common ports in use, you can check the following MIT page. In our example, we will be changing the SSH port to 922 so your new line should instead read “Port 922.”
Once you have completed the change, simply exit and safe the sshd_conf file. Now all you need to run is the below command, and it will restart the SSH server. This means the next time you want to connect via SSH; you will need to do so on your new port, in our case, 922.
service ssh restart
Don’t forget to change the port 22 to your new port in your IPTables if you have it installed! You can check out the Locking down your Ubuntu server with IPTables section (link) for information on how to do that.
Please do not forget that you can always access your server via our VNC viewer in the Cloud Portal if you are unable to access the port you have changed this to.