There was a problem loading the comments.

How to Change the SSH Port on Linux (CentOS, Ubuntu, AlmaLinux)

Support Portal  »  Knowledgebase  »  Viewing Article

  Print

Changing the default SSH port is a simple way to reduce brute-force attacks. This guide walks you through safely changing the SSH port for CentOS, Ubuntu, and AlmaLinux systems

 

📝 Step-by-Step Guide

1. Open the SSH Configuration File

sudo nano /etc/ssh/sshd_config

For all three distros (Ubuntu, CentOS, AlmaLinux), the SSH config path is the same.

 

2. Find and Change the Port Number

  • Locate this line:

    #Port 22
    
  • Remove the # and change 22 to your desired port (e.g., 2222):

    Port 2222
    

 

3. Allow the New Port in the Firewall

Ubuntu (with UFW):
sudo ufw allow 2222/tcp
 
CentOS / AlmaLinux (with Firewalld):
sudo firewall-cmd --permanent --add-port=2222/tcp
sudo firewall-cmd --reload

 

4. Restart SSH Service

# Ubuntu / Debian
sudo systemctl restart ssh

# CentOS / AlmaLinux / RHEL
sudo systemctl restart sshd

 

5. Test the New SSH Port

From your local machine, try:

ssh -p 2222 user@your-server-ip

✅ If it works, great! Now block the old port.

 

6. (Optional but Recommended) Disable Port 22

Once you confirm the new port works:

  • Ubuntu:

    sudo ufw delete allow 22/tcp
    
  • CentOS / AlmaLinux:

    sudo firewall-cmd --permanent --remove-port=22/tcp
    sudo firewall-cmd --reload
    

🛡️ Tips for SSH Security

  • Use key-based authentication instead of passwords.

  • Install tools like fail2ban to block suspicious login attempts.

  • Don’t pick ports below 1024 unless you know what you’re doing—they often require special privileges.


🧪 Works With:

OS Command Tested Firewall Supported
Ubuntu ssh UFW
CentOS sshd Firewalld
AlmaLinux sshd Firewalld

 


Share via
Did you find this article useful?  

Related Articles

Tags

© Softsys Hosting