What is SSH port?
The SSH stands for Secure Shell Protocol. It is a method and a protocol created to remote the client and server in either a secure way. It aids in the transmission of data from the client to the server as a protocol. The system encrypts all data before transmission and decrypts it at the other end. A port is required to connect and start all communications between two devices (wired or wireless) over the network using SSH. In this article, we will teach you what is ssh port and all you need to know about it.
What is an SSH port?
You may ask what port is ssh, using an ssh port number leads you to implement the SSH protocol. Once you run the command to start the communication, ssh on port 22 will connect by default. Since SSH port numbers can be changed, any other port numbers are possible to be set if they are available. Hackers can easily hack your transferred data when you are using the default ssh port number. So, if you need very safe communication, change the default SSH port number to it help you not face the brute force attack.
To check what ports are open on your Linux server, you can use the
netstat command. This command will list all of the open ports on your server, including the SSH port. For more information on how to check open ports, please refer to our knowledge base article Check Open Ports in Linux.
How does SSH work?
While you learned the concept of ssh port, in this part, you will learn how SSH port works. Users usually use Telnet, rlogin (remote login), or rsh (remote shell) after purchasing a Linux VPS, which are insecure emulation or login programs. SSH can provide the same features and functions as a replacement for those three. Also, to replace the file transfer program, you can use SSH to replace FTP (File Transfer Protocol) and RCP (remote copy).
When using the SSH protocol, one device serves as the server, and the other serves as the client. The SSH client will make the connection, which will also employ public-key cryptography to confirm the identity of the SSH server. The SSH protocol uses robust symmetric encryption and hashing methods to guarantee the privacy and integrity of the data being sent between the client and server after the connection has been established.
To connect to a remote host for a terminal session, you can easily use SSH by running the command below:
In this way, the client will connect to the server (server.example.com) using the user ID (UserName). While a standard user ID and password can be used to access SSH, public key pairs are more frequently used to authenticate hosts to one another.
Generally, when we work on the SSH protocol, below three steps will be considered:
1- Establishing an SSH connection.
2- Session encryption negotiation.
3- User authentication.
How to use SSH?
At the first use, the SSH terminal for MAC, Windows, and Unix operating systems will be provided by default. Then, SSH connections will helps you to have secure remote access to resources, remote command execution, the delivery of software patches and updates, and other administrative or management duties. SSH is used to control routers, server hardware, virtualization platforms, operating systems (OSes), and systems administration and file transfer programs. It also establishes a secure channel between local and distant computers.
How to modify the default SSH Port?
You must change the sshd_config file to change your default SSH port number. Additionally, keeping a copy of your documents on hand is usually a smart move. Follow the below steps to change the default SSH port.
To start with, use this command to make a backup:
ubuntu@ubuntu:~$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
The file is duplicated in the same directory using this command. The default SSH port number has to be changed next. In any editor, open the ssh_config file. Enter the next command now:
ubuntu@ubuntu:~$ gedit /etc/ssh/sshd_config
This command causes the indicated file to open in a text editor. Look up this line of code:
To change your port number to 5522, simply delete the hash (#) symbol and substitute the required port number for 22 in that case.
Additionally, remember to add this port to your firewall’s whitelist to prevent device lockout. It’s now time to restart SSH. Run the following command after restarting the server in order for the modifications to take effect:
ubuntu@ubuntu:~$ sudo service ssh restart
You can see your modifications as soon as you restart your device. Meanwhile, if you are using CentOS 7 operating system, we have an article that teaches how to change the SSH port in CentOS 7; you can easily change your ssh port number by reading this article.
Capabilities of Secure Shell
Instead of using the less secure Telnet program, SSH may be used interactively to enable terminal sessions. To allow programs and systems to remotely and securely access data and other resources, SSH is frequently used in scripts and other applications.
Let’s review some of its features:
1- Secure automated processes and remote user access to SSH-enabled network systems or devices.
2- File transfers that are interactive and secure.
3- Secure and automatic file transfers.
4- Secure command issuing on distant devices or systems and administration of network infrastructure components securely.
SSH port forwarding
The SSH port forwarding feature allows you to tunnel application ports from the client computer to the server computer or the other way around. It may be used to bypass firewalls, encrypt older software, and some system administrators and IT specialists use it to access the internal network from their personal computers. Additionally, viruses and hackers may exploit it to get access to the internal network via the Internet.
How to set up SSH port forwarding in Linux?
SSH port forwarding, also known as SSH tunneling, is typically used when you need to access a distant service or when a remote computer wants to access a service on your computer. If you need remote access, the server hosting the SSH connection should be publicly accessible and have access to the internet. You must set up port forwarding on your router, select the ssh port that will be permitted over the router, and then provide the machine’s IP address that will accept connections using Port 22 from outside the network. On a Linux system, the SSH components required to connect to a remote server are typically already preloaded, but if not, you may find all the required programs in the package manager of your choice. Now that you have learned about SSH port forwarding in Linux, you may also have questions about port forwarding on Windows. In the article What Is Port Forwarding In Windows? We have comprehensively answered your question and explained how to use it.
No, by creating an exclusive public key pair for each host involved in the connection, the local computer and the remote machine independently authenticate to one another.
For example, if you have changed the port on 5522, you need to mention the port number to establish a connection with the server by running the command below:
ubuntu@ubuntu:~$ ssh username@userIP -p 5522
As a result, it is clear that the procedure is really straightforward and uncomplicated. You just need to run a few commands to get started.
SSh tunnels are powerful tools but they can also transit an enterprise firewall undetected. However, you can use some tools to prevent unauthorized use of SSH tunnels through a corporate firewall.
SSH uses port 22 for communication by default.
In this article, you learned that you could use an ssh port as a network protocol, even if you are a user or a system administrator, to find a secure way to access a device over an unsecured network. To guarantee total data transmission security, a lot of businesses have used the SSH protocol. The SSH port number is 22, however, in many situations where you need to communicate important data, it becomes problematic. We have discussed several SSH features and how they function in this post. With the help of this instruction, you may modify the port number to suit your needs.