The default port for the SSH protocol is port 22. Bots scan it along with other standard ports. Since the attack in most cases is not targeted. To cut off unnecessary traffic and secure the server, we will replace the standard port with our own.
This guide is written for users of the UFW firewall as the base for Ubuntu.
Steps to Change the SSH Port
Change port 22 to a new one in the sshd_config file.
Внести новый порт в список разрешенных UFW. Add the new port to the list of allowed by UFW.
Restart the sshd service.
Replace port 22 with a new one
The port number must not exceed 65535
Most often, the ssh config file is located at /etc/ssh/sshd_config
The exact location can be found with the command find / -name "sshd_config"
Let's edit it.
How? You need to find the line Port 22, and if it is commented out, remove the # symbol, and also enter a random number instead of port 22, for example 1234.
sudo nano /etc/ssh/sshd_config
After making changes, save and exit the file ctrl+x --> y --> Enter
Add the new port to the allowed list for UFW
sudo ufw allow 1234/tcp
sudo ufw deny 22
If we do not update the permissions of the brandmauer, then after restarting the sshd service, we will lose access to the server via the SSH protocol.
If you still lose the ability to log in via SSH connection, then there are always two solutions:
Log in to the server through the console from the personal account of the hosting provider. Tested on Vultr/Digital Ocean.
