Changing the default SSH port on your Arch Linux server can greatly improve security and reduce the risk of unauthorized access. In this guide, we will walk you through the process of how to change SSH port on Arch Linux system.
Table of Contents
- Backup SSH configuration file
- Edit SSH configuration file
- Restart the SSH service
- Update firewall rules
- Test the new SSH port
Secure Shell (SSH) is a widely used protocol that allows secure remote access to servers and other network devices. By default, SSH listens on port 22. However, changing the default port can help reduce the risk of automated attacks targeting this well-known port number. This tutorial will show you how to change the SSH port on Arch Linux.
How to Change SSH Port on Arch Linux
Backup SSH configuration file
Before making any changes to the SSH configuration file, it is recommended to create a backup. This will allow you to revert to the original settings if something goes wrong. To create a backup, run the following command:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
Edit SSH configuration file on Arch Linux
To change the SSH port, you need to edit the
/etc/ssh/sshd_config file. You can use any text editor, such as Vim or Nano, to edit the file. In this example, we will use the Nano text editor:
sudo nano /etc/ssh/sshd_config
Look for the line that starts with
#Port 22. Remove the “#” at the beginning of the line and change the port number to the desired value, e.g.,
Save the changes and exit the text editor.
Note: Make sure to choose a port number above 1024 and not already in use by another service. You can use the
netstat commands to check for available ports.
Restart the SSH service
After modifying the configuration file, you need to restart the SSH service for the changes to take effect. To restart the SSH service, run the following command:
sudo systemctl restart sshd
Update firewall rules
If you have a firewall enabled on your Arch Linux system, you need to update the firewall rules to allow incoming connections on the new SSH port. In this example, we will assume that you are using the
ufw firewall. To update the rules, run the following commands:
sudo ufw delete allow 22/tcp sudo ufw allow 2222/tcp sudo ufw reload
2222 with the new SSH port you have chosen.
Test the new SSH port on Arch Linux
To test the new SSH port, try connecting to your Arch Linux server using the new port number. From a remote machine, run the following command:
ssh -p 2222 your_username@your_server_ip
2222 with the new SSH port number, and
your_server_ip with the appropriate values for your Arch Linux server.
If everything is configured correctly, you should be able to establish an SSH connection using the new port number.
If you encounter any issues while changing the SSH port or connecting to your Arch Linux server, try the following troubleshooting steps:
- Double-check the
/etc/ssh/sshd_configfile for any syntax errors or incorrect port numbers.
- Ensure that the SSH service is running by executing
sudo systemctl status sshd. If it is not running, try to restart it using
sudo systemctl restart sshd.
- Verify that your firewall rules have been updated correctly to allow incoming connections on the new SSH port.
- Check the logs for any error messages or additional information. The SSH logs can be found in
/var/log/auth.logor by running
sudo journalctl -u sshd.
If you are still unable to resolve the issue, consider reverting to the original configuration by restoring the backup you created earlier:
sudo cp /etc/ssh/sshd_config.backup /etc/ssh/sshd_config sudo systemctl restart sshd
In this tutorial, we have shown you how to change the default SSH port on an Arch Linux system. This simple change can help improve the security of your server by reducing the risk of automated attacks targeting the default SSH port. Remember to update your firewall rules and test the new SSH port to ensure that your server remains accessible after making these changes.
For more tutorials on managing Arch Linux, check out these articles: