How to change your SSH Port on the Raspberry Pi
About: The latest version of Raspbian disables SSH by default to improve security of the Raspberry Pi. This is a great step of improving internet and network security and I congratulate the Raspberry Pi team for moving forward with this step and making it super easy to enable SSH by simply adding a file called “ssh” into the /boot/ directory.
Enabling SSH allows you to use your Raspberry Pi headless, meaning you can use it without a keyboard and monitor by connecting to it from another computer. The problem still persists that if you have SSH enabled on port 22 hackers can still scan your network looking for an open port 22. They can then attempt to enter your network from the Raspberry Pi and attempt to brute force your username and password.
Changing your SSH port will increase your security assuming a hacker scans your network for default ports only. You will still need to have a secure password and think of using SSH keys to improve security even further. Changing your port number will simply decrease the amount of probe attempts on your port. A non-standard port means that you don’t automatically show up in Shodan or other places that list machines listening on port 22.
Objective: To change our default SSH port number from 22 to another random port number to increase security
Material: You will need the following:
- Raspberry Pi (Click the link to check out the price on Amazon. Usually around $37 with free shipping)
Instructions: Let’s start off by opening the terminal on your Raspberry Pi or by connecting to it over SSH
Type the following command to open the SSH configuration file with nano (basic text editor):
sudo nano /etc/ssh/sshd_config
You should see a line called Port 22. This is the line we will want to change. Simply change the port number from 22 to any number you like. I recommend using a port number higher then 1000. The port number should be less then 65535. Look at the before and after images below of the sshd_config file. You can see I changed my SSH Port number from 22 to 12148.
After changing the port number hit CTRL+X and then Y to save the configuration file. After you do this restart your SSH service with the following command:
sudo service ssh restart
That’s it! You have now updated your Raspberry Pi’s SSH port number. The next time your want to connect to your Raspberry Pi over SSH you will need to use this new port number. You will also need to update your Port Forward settings on your Router if you want to remotely connect to your Raspberry Pi over SSH.