Enable SSH access through more than one port

I explained some time ago how to configure the SSH service to work on a different port than 22, which is the default port. The objective of this was that all bots, cracking attacks to SSH are by default to port 22 (which I repeat, is the default), so by changing the port we will obtain more security.

But what to do if I want to configure SSH through another port BUT keeping SSH also on port 22? That is, having the need for the server to have SSH on more than one port, say for example on 22 and also on 9122

For this we modify the configuration file of the SSH daemon:

The following commands must be executed with administrative privileges, either with the root user or using the sudo command before the commands

nano /etc/ssh/sshd_config

There we will see something like this:

sshd_config_default

You will see that on line 5 there is something that says: "Port 22", well, we just have to duplicate that line below and change the port number. In other words, for our SSH service to also work for 9122 we must leave it like this:

sshd_config_mod

Then we must restart the service:

service ssh restart

If they use Arch it would be:

systemctl restart sshd

When you want to connect through a port other than 22 remember, you must add -p $ PORT in the connection line, something like this:

ssh usuario@servidor -p 9122

By the way, I recommend you check the sshd_config file from before, there are some very interesting options 😉

regards


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

9 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Rodrigo Pichiñual said

    Good tips to change the default port of ssh ... to prevent attacks on port 22.

    I think that only one port should be left ... and this has to be different from 22 so that the attacks have no effect.

    regards

    1.    KZKG ^ Gaara said

      Thanks for reading 🙂

  2.   dhunter said

    My latest findings have been:

    PermitRootLogin no
    y
    AllowUsers john jack chester…. etc

    With this I limit enough the possibilities of cracking, if you add a good iptables ... well we are.

    1.    KZKG ^ Gaara said

      In fact, I prefer to use PortKnocking 😀

  3.   cr0t0 said

    As always KZKG ^ Gaara, excellent your articles on SSH. With your guides we are losing the fear of TERMINAL

    1.    KZKG ^ Gaara said

      Thank you

  4.   Nebuchadnezzar said

    OOOOOOOOhhhh !!!!

  5.   federico said

    Very good article, wild !!!

  6.   chris said

    Apart from changing the port number, to further limit the attacker's options it is also recommended to disable the login with USER: PASS

    PasswordAuthentication no

    and use private / public key authentication.

    Good post.

    Salu2