SSH Port

Secure Shell (SSH) is a cryptographic protocol that securely transports data over an unsecured network (see RFC 4253).

The IANA has assigned port 22 (tcp) as the default port for the Secure Shell protocol.

Why Port 22?

While Secure Shell is not one of the first internet protocol standards it is a rather old one. Today, all port numbers under 100 are assigned to services and most of the priviledged ports are taken as well (see IANA port assignments ).

But in 1995 when Tatu Ylonen developed the SSH protocol, there were still gaps in the list of numbers and he found that the slot between the FTP protocol (port 21) and the Telnet protocol (port 23) was not yet taken, so he just applied for it, and the request was granted within 24 hours (these were clearly different times).


Altenative SSH Ports

Today it is not unusual to change the port where a server accepts SSH connections.

The reasoning behind this is, that because hacking attacks to access computer via SSH are very common, if an attacker does not know on which port the computer accepts Secure Shell connections, they can not attempt to hack it.


Setting Alternate Ports on the Server

To set a Linux OpenSSH server to a different port, proceed like this:
  • Open the sshd_config file in a text editor. On most distributions, the location for this file is
  • Look for the line
    #port 22
    uncomment it and change the port number, e.g.
    port 64022
  • Restart the ssh server. Depending on your Linux distribution and version this will be done either via
    sudo service sshd restart
    sudo /etc/init.d/ssh restart

Connecting to an Alternate SSH Port

When using the OpenSSH ssh command on Linux, the -p <port> option can be used to specify the port number on the destination server, e.g.

ssh -p 64022

On GUI SSH clients like ZOC Terminal the connection window will have a field named "port" where you can enter the alternate port number. In some cases, you can append the port number to the host name, separated by a colon, e.g.

