How to Change the SSH Port on Linux (CentOS, Ubuntu, AlmaLinux)

Changing the default SSH port is a simple way to reduce brute-force attacks. This guide walks you through safely changing the SSH port for CentOS, Ubuntu, and AlmaLinux systems

📝 Step-by-Step Guide

1. Open the SSH Configuration File

sudo nano /etc/ssh/sshd_config

For all three distros (Ubuntu, CentOS, AlmaLinux), the SSH config path is the same.

2. Find and Change the Port Number

• Locate this line:

  #Port 22
  

• Remove the # and change 22 to your desired port (e.g., 2222):

  Port 2222
  

3. Allow the New Port in the Firewall

Ubuntu (with UFW):

sudo ufw allow 2222/tcp

CentOS / AlmaLinux (with Firewalld):

sudo firewall-cmd --permanent --add-port=2222/tcp
sudo firewall-cmd --reload

4. Restart SSH Service

# Ubuntu / Debian
sudo systemctl restart ssh

# CentOS / AlmaLinux / RHEL
sudo systemctl restart sshd

5. Test the New SSH Port

From your local machine, try:

ssh -p 2222 user@your-server-ip

✅ If it works, great! Now block the old port.

6. (Optional but Recommended) Disable Port 22

Once you confirm the new port works:

• Ubuntu:

  sudo ufw delete allow 22/tcp
  

• CentOS / AlmaLinux:

  sudo firewall-cmd --permanent --remove-port=22/tcp
  sudo firewall-cmd --reload
  

🛡️ Tips for SSH Security

• Use key-based authentication instead of passwords.

• Install tools like fail2ban to block suspicious login attempts.

• Don’t pick ports below 1024 unless you know what you’re doing—they often require special privileges.

🧪 Works With: