In recent versions of Ubuntu, specifically from version 22.10 onwards, Ubuntu has shifted from Traditional SSH to Socket-Based SSH activation. This adoption has brought several improvements in system resource utilization and service responsiveness. However, it has also introduced a challenge for users accustomed to configuring their SSH service the traditional way.
Setting up a custom SSH port the old way
In earlier versions of Ubuntu, the process of changing SSH port was straightforward: locate and edit "sshd_config" file (usually in /etc/ssh), adjust the "Port" parameter to the desired port, save and exit the file, open the new port in the firewall, and finally, restart the SSH service. This ensures that SSH would listen on the newly specified port. However, in Ubuntu 22.10 and above, due to the adoption of Socket-based activation, a different method is now required to modify the SSH port. Even the /etc/ssh/sshd_config file includes a section mentioning this:
Setting up a custom SSH port the "NEW" way
As discussed earlier, in Ubuntu 22.10 and beyond, a new approach using Socket-based activation has been introduced to modify the SSH port. This method leverages "systemd" to handle the SSH service. Here's a step-by-step process for changing the SSH port:
Step 1: Create the necessary directory
- Open your terminal and execute the following command:
sudo mkdir -p /etc/systemd/system/ssh.socket.d
- This command ensures that the necessary directories exist for systemd to manage the SSH socket.
Step 2: Create the configuration file (listen.conf)
sudo vim /etc/systemd/system/ssh.socket.d/listen.conf
- If you want SSH to listen on both port 22 and your custom port 54872, add the following lines:
[Socket]
ListenStream=54872
- Else, if you want SSH to listen on your custom port "54872 only", add the following lines:
[Socket]
ListenStream=
ListenStream=54872
- Next, save the file and exit.
Step 3: Reload the systemd manager configuration:
sudo systemctl daemon-reload
- This will ensure that systemd recognizes the new configuration.
Step 4: Restart the SSH socket:
sudo systemctl restart ssh.socket
Step 5: Verify the change:
- To confirm that the SSH port has been successfully changed, attempt to connect to your server using the new port, in this case,
54872.
ssh <user>@<your_server_ip> -p 54872
- If successful, you've now securely configured SSH to use the new port.
Reverting to the Traditional method of setting a custom SSH port
The shift to socket-based activation for SSH in Ubuntu versions 22.10 and above has evoked varied reactions from users. While some acknowledge its potential advantages in efficiency and resource handling, others face difficulties, particularly concerning custom port configurations and the inclination to return to the conventional SSH setup.
Returning to the traditional configuration involves a sequence of five steps. The following commands facilitate its implementation:
sudo rm /etc/systemd/system/ssh.service.d/00-socket.conf
systemctl disable --now ssh.socket
systemctl enable --now ssh.service
sudo systemctl daemon-reload
sudo systemctl restart ssh
Conclusion
Ubuntu's new way of doing things with Socket-based activation brings benefits, but some users find it tricky. Many prefer the old, familiar method. It's important to find a balance between new ideas and what users already know.
Additional Resources
If you are interested in knowing more about Traditional vs Socket-Based SSH Activation, check out my blog here.
Top comments (0)