Note: Changing your default ssh port does not guarantee that you won't get hacked. How ever changing the default really helps cut down on the attempts. Please make sure you have other secure practices in place such as strong passwords.
What is SSH?
SSH is program and protocol for securely connecting into remote machines across a network. It allows you to run programs, and do a variety of tasks as if you were sitting at the machine. SSH is very similar to telnet except for it is with encryption to protect the transferred information and authentication.
I have used ssh to remotely connect to different Linux systems and edit configuration files, start and stop services, check mail, run applications, and pull applications to my remote computer such as a web browser. (This can be handy if you are at school or work and they block specific sites.)
Why Move SSH Port?
Many people will change the default SSH port to add another layer of security, or sometimes the default port may be blocked at there work place or school and would like to connect.
Often hackers will use tools to do automated attacks. They will go and scan for the default ssh port and try to get connected using an dictionary attacks. (Meaning, they will trying a huge list of passwords and usernames hoping to get lucky. ) All the more reason to have a secure password.
By moving the default port it just one thing to prevent your system from being targeted.
How to Change the default SSH port:
Before we begin we will will need to find a port that we will want to use. You will need to be careful to not use a standard port for another application because you could run into conflicts.
Many applications will have a default port. For example mail will be on port 25. SSH default port is 22, Microsoft's remote desktop port is 3389...etc. Most people know that the default SSH port is 22 and want something that will be easy to remember. Often they will assign it a port like 922. If you have a look at the link below, you should get an idea of what most of the standard ports are. Just look for an opening. The choice is up to you, just make sure it doesn't conflict with another application. I would recommend something about 2000.
In this example we will change the default ssh port on an Ubuntu server. These steps below will work for the Ubuntu desktop as well as disributions such as Arch Linux, CentOS, Fedora, Linux Mint and OpenSUSE. If you are on a different distribution the configuration file and the command to restart the SSH service may be slightly different.
In these steps we will be doing all the configuration at the command line. If you are using a GUI desktop (Gnome) you can open the terminal by going to Applications > Accessories > Terminal.
The SSH configuration file we will need to edit, is located in /etc/ssh directory. Let's navigate to this location by using the cd command.
Now we will want to edit sshd_config with sudo or the root user. You can use your favorite text editor. If you have not used a text editor in a terminal, I would recommend starting with Nano. To keep things simple we will use the Nano in this tutorial.
sudo nano sshd_config
As you can see once you are in the file towards the top you will see "port 22" is being used.
You can simply change that to a different port. now if you would like you can have ssh run on 2 different ports.
Now we just need to restart ssh for are changes to take effect.
(Note: If you are doing this on a system that has a firewall or uses iptables built in you will need to enable the port as well. An example would be CentOS and iptables.)
sudo /etc/init.d/ssh restart
How to Connect using SSH on the new port:
Note 4321 is the port I am using. Change the port to meed your setup.
from a terminal
ssh -p 4321 user@server-ip-addressssh -p 4321 firstname.lastname@example.org