Changing the default SSH port
The default SSH port is 22. In order to mitigate some attacks, it is interesting to change the port to be used in an SSH connection. Of course this will not avoid hacker attacks, just make a little bit harder.
You can start opening
/etc/hosts file, using your preferred editor.
Mine is vim ;).
sudo vim /etc/hosts
Uncomment and change “Port” entry.
To something like
After that, it is mandatory to restart the sshd service. You can do that doing:
sudo service sshd restart
- Number of ports is an unsigned 16-bit integer, so the maximum value is 65535 [0.. 2^16-1].
- It’s recommended to keep the port number in the range [1..1023], because that’s the Well known ports range.
Disabling root access
You can disable SSH root access (for security reasons), commenting the line:
or keeping it uncommented, but setting it as “no”:
It’s recommended to create a user with sudo rights, in order to establish a SSH connection again and run programs with super-user privileges.