DEV Community

Cover image for Cannot use a custom SSH port in Ubuntu 22.10 or above? Here's a fix
Sneh Chauhan
Sneh Chauhan

Posted on • Originally published at snehchauhan.hashnode.dev

4 2 2 2 2

Cannot use a custom SSH port in Ubuntu 22.10 or above? Here's a fix

In recent versions of Ubuntu, specifically from version 22.10 onwards, Ubuntu has shifted from Traditional SSH to Socket-Based SSH activation. This adoption has brought several improvements in system resource utilization and service responsiveness. However, it has also introduced a challenge for users accustomed to configuring their SSH service the traditional way.

Setting up a custom SSH port the old way

In earlier versions of Ubuntu, the process of changing SSH port was straightforward: locate and edit "sshd_config" file (usually in /etc/ssh), adjust the "Port" parameter to the desired port, save and exit the file, open the new port in the firewall, and finally, restart the SSH service. This ensures that SSH would listen on the newly specified port. However, in Ubuntu 22.10 and above, due to the adoption of Socket-based activation, a different method is now required to modify the SSH port. Even the /etc/ssh/sshd_config file includes a section mentioning this:

Port Change Update

Setting up a custom SSH port the "NEW" way

As discussed earlier, in Ubuntu 22.10 and beyond, a new approach using Socket-based activation has been introduced to modify the SSH port. This method leverages "systemd" to handle the SSH service. Here's a step-by-step process for changing the SSH port:

Step 1: Create the necessary directory

  • Open your terminal and execute the following command:
sudo mkdir -p /etc/systemd/system/ssh.socket.d
Enter fullscreen mode Exit fullscreen mode
  • This command ensures that the necessary directories exist for systemd to manage the SSH socket.

Step 2: Create the configuration file (listen.conf)

sudo vim /etc/systemd/system/ssh.socket.d/listen.conf
Enter fullscreen mode Exit fullscreen mode
  • If you want SSH to listen on both port 22 and your custom port 54872, add the following lines:
[Socket]
ListenStream=54872
Enter fullscreen mode Exit fullscreen mode
  • Else, if you want SSH to listen on your custom port "54872 only", add the following lines:
[Socket]
ListenStream=
ListenStream=54872
Enter fullscreen mode Exit fullscreen mode
  • Next, save the file and exit.

Step 3: Reload the systemd manager configuration:

sudo systemctl daemon-reload
Enter fullscreen mode Exit fullscreen mode
  • This will ensure that systemd recognizes the new configuration.

Step 4: Restart the SSH socket:

sudo systemctl restart ssh.socket
Enter fullscreen mode Exit fullscreen mode

Step 5: Verify the change:

  • To confirm that the SSH port has been successfully changed, attempt to connect to your server using the new port, in this case, 54872.
ssh <user>@<your_server_ip> -p 54872
Enter fullscreen mode Exit fullscreen mode
  • If successful, you've now securely configured SSH to use the new port.

Reverting to the Traditional method of setting a custom SSH port

The shift to socket-based activation for SSH in Ubuntu versions 22.10 and above has evoked varied reactions from users. While some acknowledge its potential advantages in efficiency and resource handling, others face difficulties, particularly concerning custom port configurations and the inclination to return to the conventional SSH setup.

Returning to the traditional configuration involves a sequence of five steps. The following commands facilitate its implementation:

sudo rm /etc/systemd/system/ssh.service.d/00-socket.conf
systemctl disable --now ssh.socket
systemctl enable --now ssh.service
sudo systemctl daemon-reload
sudo systemctl restart ssh
Enter fullscreen mode Exit fullscreen mode

Conclusion

Ubuntu's new way of doing things with Socket-based activation brings benefits, but some users find it tricky. Many prefer the old, familiar method. It's important to find a balance between new ideas and what users already know.

Additional Resources

If you are interested in knowing more about Traditional vs Socket-Based SSH Activation, check out my blog here.

Image of Docusign

🛠️ Bring your solution into Docusign. Reach over 1.6M customers.

Docusign is now extensible. Overcome challenges with disconnected products and inaccessible data by bringing your solutions into Docusign and publishing to 1.6M customers in the App Center.

Learn more

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay