Secure SSH using Port Redirection
Secure Shell (SSH) is a network protocol for operating network services securely over an unsecured network. The standard TCP port for SSH is 22. The best-known application of SSH is remote login to computer systems by users.
In this article, I will show you how to change the SSH port from TCP port 22 to another port. This helps to secure your SSH connection. It is only one of several ways to secure SSH.
Methods Used:
- Install SSH Server
- Port Redirection
Download SSH Server
Before changing the port, we have to install an SSH server on our system. To do that, follow these steps.
1. Open Your Terminal
Open your terminal, or use this shortcut to open it: Ctrl + Alt + T
2. Download the SSH server
After opening the terminal, install openssh-server with this command: sudo apt install openssh-server
Port Redirection
First, let’s check which port SSH is using. To check this, we’re going to use Nmap.
Using Nmap to Check SSH Port
Step 1:
If you don’t have Nmap on your system, you can install it using this command: sudo apt install nmap
Step 2:
To scan a system, use this command: sudo nmap [system ip address]. In my case, the IP address is 192.168.0.106, so my command will be: sudo nmap 192.168.0.106
We can see that SSH is using port 22.
Change the port address
Now you will change the port from 22 to another one. Just follow my steps to do that.
Step 1:
Navigate to /etc/ssh, where we will find a file named sshd_config.
Step 2:
Open the file sshd_config using nano. The command is: sudo nano sshd_config
Step 3:
Now change port 22 to port 2222 as shown in the screenshot below, and save the changes made in the sshd_config file. In this way, we have moved SSH from port 22 to port 2222.
Confirm the Port Change
Now, to confirm the port change, we will scan the system again using Nmap.
The Nmap output shows that TCP port 2222 is open; however, it shows EthernetIP-1 in the service description, which doesn’t describe the service that is actually running. So we will run Nmap again with the version detection option: nmap -sV 192.168.0.106
In the next Nmap output, it is clearly visible that the SSH service is running on TCP port 2222, along with the OpenSSH version.
Note: If Nmap still shows port 22 after you change the port in the sshd_config file, just restart the SSH service with this command: sudo service ssh restart
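The manual edit of sshd_config described above can be scripted so that it also copes with a Port line that is commented out or missing, and with extra Port lines (sshd listens on every port listed). This is an added example, not part of the original article; the function names set_ssh_port and active_ssh_ports are this example's own, and the sample file is constructed.

```shell
#!/usr/bin/env bash
# Added example; set_ssh_port and active_ssh_ports are names chosen for this sketch.

# set_ssh_port FILE PORT: make PORT the only global "Port" in an sshd_config file.
set_ssh_port() {
    local file="$1" port="$2" tmp rc
    # Accept only 1 to 5 digits, then check the TCP range 1..65535.
    case $port in ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2; return 2
    fi
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 1    # rollback copy
    tmp=$(mktemp) || return 1
    awk -v port="$port" '
        { l = tolower($0) }                  # sshd keywords are case-insensitive
        # Port is global: it has to come before the first Match block.
        l ~ /^[ \t]*match[ \t]/ && !in_match {
            if (!done) { print "Port " port; done = 1 }
            in_match = 1
        }
        # First Port line, active or commented out, becomes the new setting.
        !in_match && !done && l ~ /^[ \t]*#?[ \t]*port[ \t]+[0-9]+[ \t]*$/ {
            print "Port " port; done = 1; next
        }
        # Drop other active Port lines, otherwise sshd keeps listening there too.
        !in_match && l ~ /^[ \t]*port[ \t]+[0-9]+/ { next }
        { print }
        END { if (!done) print "Port " port }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# active_ssh_ports FILE: print each port the global section tells sshd to listen on.
active_ssh_ports() {
    awk '{ l = tolower($0) }
         l ~ /^[ \t]*match[ \t]/ { exit }
         l ~ /^[ \t]*port[ \t]+[0-9]+/ { print $2 }' "$1"
}

# Demo on a constructed sample file, not the live /etc/ssh/sshd_config.
demo=$(mktemp)
printf '%s\n' '#Port 22' 'PermitRootLogin no' 'Match User backup' '  X11Forwarding no' > "$demo"
set_ssh_port "$demo" 2222 && active_ssh_ports "$demo"
rm -f "$demo" "$demo.bak"
```

When this is run against the real file, sudo sshd -t checks the edited configuration for errors before the service is restarted. Keep the current SSH session open until a new login on the new port has succeeded.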