Wednesday, March 27, 2013

How To Change Default SSH Port 22 in Linux

By default, SSH listens for connections on port 22. Attackers use port scanner software to see whether hosts are running an SSH service. It’s wise to change the SSH port to a number higher than 1024 because most port scanners by default don’t scan high ports.

1) Change to the SSH configuration directory:

root@localhost[~]# cd /etc/ssh/

2) Edit file: sshd_config

root@localhost [/etc/ssh]# vi sshd_config

Change the port on the line below in the sshd_config file:
“#Port 22” should be changed to “Port 4765”

3) You should not permit root logins via SSH, because this is a big and unnecessary security risk. If an attacker gains root login for your system, he can do more damage than if he gains normal user login.

Configure the SSH server so that the root user is not allowed to log in. Find the line that says “PermitRootLogin yes” and change it to “PermitRootLogin no”.

You can then log in with any other defined user and switch to user root if you want to become a superuser.

4) Once all the changes are done, restart the SSH service:

root@localhost [/etc/ssh]# service sshd restart

The steps above change the default SSH port 22 to another port, such as 4765.

Update the firewall to block port 22 and allow the new port number used by SSH.
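
The edits from steps 2 and 3 can also be applied without opening an editor. The script below is an added example, not part of the original post: it works on a constructed sample file, assumes the file has no Match blocks, and its function names (set_sshd_option, active_value, make_sample) are hypothetical helpers.

```sh
#!/bin/sh
# Added example (not from the original post): apply the Port and
# PermitRootLogin edits non-interactively. Assumes no "Match" blocks.

# set_sshd_option FILE KEY VALUE
# Rewrites the first "KEY ..." or "#KEY ..." line to "KEY VALUE", comments out
# any later active duplicates, and appends the directive if it never appears.
set_sshd_option() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp) || return 1
    awk -v key="$key" -v value="$value" '
        BEGIN { pat = "^[ \t]*#?" tolower(key) "[ \t]" }  # keywords ignore case
        tolower($0) ~ pat {
            if (!done) { print key " " value; done = 1; next }
            if ($0 !~ /^[ \t]*#/) { print "#" $0; next }
        }
        { print }
        END { if (!done) print key " " value }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps owner and mode
    status=$?
    rm -f "$tmp"
    return $status
}

# active_value FILE KEY: print the value of the first uncommented KEY line.
active_value() {
    awk -v key="$2" 'tolower($1) == tolower(key) { print $2; exit }' "$1"
}

# Constructed sample resembling a stock sshd_config, with a stray duplicate.
make_sample() {
    cat > "$1" <<'EOF'
#Port 22
#AddressFamily any
PermitRootLogin yes
PasswordAuthentication yes
permitrootlogin yes
EOF
}

cfg=$(mktemp)
make_sample "$cfg"
cp -p "$cfg" "$cfg.bak"                  # keep a backup before editing
set_sshd_option "$cfg" Port 4765
set_sshd_option "$cfg" PermitRootLogin no
echo "Port=$(active_value "$cfg" Port) PermitRootLogin=$(active_value "$cfg" PermitRootLogin)"
rm -f "$cfg" "$cfg.bak"
```

On a real host, point the functions at /etc/ssh/sshd_config and run `sshd -t` to check the syntax before restarting the service. Keep the current session open until a login on the new port succeeds.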
