How do I change the port SSH listens to

March 11, 2009 Web Development

Servers get a lot of brute force attacks on a daily basis. If you want to change the port SSH listens to, here's how I did it.   
Blogged By:

Team Louish
Secure your SSH by changing the port its listening to. You will want to edit the /etc/ssh/sshd_conf file to specify your new port.
root [~]# pico /etc/ssh/sshd_conf
Look for where it says #Port 22, remove the # and change it to something like:
Port 5555
If you use IPTABLES, you will need to open the port in the firewall:
root [~]# iptables -I INPUT -p tcp --dport 5555 -j ACCEPT
Make sure you save your iptables or you'll be screwed on the next reboot
root [~]# /etc/init.d/iptables save
Then restart sshd
root [~]# /etc/init.d/sshd restart

On another level of security, I recommend you block ssh to the public and only allow your IP address (and a friends, in case one day your IP changes and you can't get back in). Edit the hosts.allow file:
root [~]# pico /etc/hosts.allow
Then add this:
sshd : YOUR.IP.ADDRESS : allow
#Allow SSH from My IP
sshd : ALL : deny
#Deny access from all other IPs
Make sure you allow your IP above the deny all, otherwise you will be denied as well.





 
How do I change the port SSH listens to Servers get a lot of brute force attacks on a daily basis. If you want to change the port SSH listens to, here's how I did it.  

COMMENTS





CATEGORIES


RECENT BLOGS


RECENT COMMENTS


SEARCH


Follow Us
 Flickr
 Facebook
 YouTube
 Vimeo