Every Linux server connected to the internet has something in common: within minutes of going live, automated bots are already knocking on port 22.
Changing your default SSH port won't make your server completely bulletproof, but it will immediately cut through the noise. Fewer failed login attempts means cleaner authentication logs and significantly less exposure to credential-stuffing scripts.
In this guide, we break down exactly how to transition to a non-standard port safely without accidentally locking yourself out of your environment.
🛠️ The Quick Reference Steps
-
Edit Config: Modify
/etc/ssh/sshd_configand setPort [your-chosen-number]. -
Firewall First: Update UFW (
sudo ufw allow [port]/tcp) or Firewalld before closing your active terminal. -
SELinux Check: If you are running RHEL/Rocky Linux, you'll need to authorize the port via
semanage. -
Test: Always test the connection in a new window using
ssh -p [port] user@ipbefore terminating your current session!
💡 For a deep dive into the exact commands, client-side configuration shortcuts, and advanced hardening tips, check out our full tutorial:
👉 Read the Complete Guide on Fit Servers
Top comments (0)