Security by obscurity is a known term in the world of computers and one way to make it more troublesome for people trying to bruteforce your VPS is to change the Port that ssh listens to, follow these simple steps and you should be good to go:
As a precaution we copy the configuration file to a backup copy if something goes wrong.
|
1 |
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.old |
Open the SSH config file with your favourite editor (I use nano):
|
1 |
nano /etc/ssh/sshd_config |
Look for the Port variable:, it could be commented out, like this:
|
1 |
#Port 22 |
or enabled, like this:
|
1 |
Port 22 |
or it could even be missing.
What we would like it to look like is this (change 1234 to the Port you want to use):
|
1 |
Port 1234 |
Exit and save the file.
If you have a firewall running, make sure that the new port is opened before we restart the ssh daemon. Restart ssh by running the following command:
CentOS
|
1 |
service sshd restart |
Debian
|
1 |
/etc/init.d/ssh restart |
What ever you do now, do NOT disconnect the open connection or you might end up with a VPS that you can not connect to at all.
Try to connect to the port that you assigned
Linux (change 1234 in the example below to the Port you used):
ssh root@192.168.100.100 -p 1234
Windows (change 22 in the example below to the Port you used):
If the connection times out or is refused, you can either troubleshoot or restore the old configuration by running the following command:
|
1 |
cp /etc/ssh/sshd_config.old /etc/ssh/sshd_config |
and restart the ssh service again.
2 comments for “Change the Default Listening Port for SSH”