Linux Tactic

Boost Your Server’s Security with Non-Standard Ports & Change SSH Port in Linux

Secure Shell (SSH) is a widely-used protocol that allows remote access to servers safely, securely, and remotely. SSH uses the default port 22 to establish a connection between the servers, but most experts recommend changing SSH port for security reasons.

In this article, we will delve into the steps required to change the SSH port on Linux systems. We will also discuss how to use Rsync with non-standard ports to transfer files between servers.

Changing SSH Port for Security

By changing the default SSH port, you can protect your system from attackers who try to exploit the vulnerabilities in the default port. Hackers typically scan the default port, so changing the SSH port can reduce the risk of unauthorized access.

Editing SSH Configuration File

The first step is to open the SSH configuration file, which is located in the /etc/ssh/ directory. In here, you will find a configuration file sshd_config.

Open the file with your favorite text editor, and look for the line #Port 22. In a regular file, a # sign represents a commented line.

Remove the # symbol and change the number 22 to your preferred port. Afterward, save the changes and close the editor.

Allowing Port Through Router and Firewall

Next, you must allow the new SSH port through your firewall and router. On Linux systems, iptables is the default firewall.

Allow the new port by entering the following command:

sudo iptables -A INPUT -p tcp –dport your SSH port -j ACCEPT

To make the change permanent across system reboots, save the configuration by running:

sudo iptables-save > /etc/sysconfig/iptables

Restarting SSH Service

The final step is to restart SSH service with the new configuration. Run the following command:

sudo systemctl restart sshd

If you are using an older version of Ubuntu, use the following command instead:

sudo service ssh restart

Congratulations, you have now changed your SSH port. From now on, you must use the new port number to access your server.

Using Rsync with Non-Standard Port

Rsync is a powerful tool that can copy data from one location to another, locally or remotely. In some cases, you might use a non-standard SSH port to connect to the destination server.

In this section, we will discuss how to use Rsync with a non-standard SSH port.

Copying Locally with Rsync

The syntax of Rsync command follows this pattern:

rsync option source destination

Using the -v option, you can obtain the verbose output of the Rsync command. Here is an example to copy a file from one folder to another on the same machine using Rsync:

rsync -v /path/to/file /path/to/copydir/

Connecting to SSH on a Specific Port

To connect to SSH using a non-default port, you must specify the port using the -p option. The syntax is:

rsync -e ssh -p port source destination

Here is an example to copy a file to a remote server using a non-default SSH port:

rsync -v -e ssh -p 2500 /path/to/file remoteuser@remoteserver:/path/to/copydir/

The above command connects to a remote server using SSH on port 2500 and transfers the file to the /path/to/copydir/ directory.

Pushing Local File with Custom SSH Port

To push a file from a local machine to a remote server using SSH and a non-default port, you must specify the SSH port to be used with the -p option. Here is an example to push a file to a remote server using a non-default SSH port a Push Service:

rsync -v -e ssh -p 54321 /path/to/local/filename remote_user@remote_ip:/path/to/remote/filename

The above command sends the file named filename to the remote server at remote_ip address, using the SSH port 54321.

Conclusion

Changing the SSH port is a simple and effective method of securing your server from attackers. We have seen how to change the SSH port, allow the port through the firewall, and restart the SSH service for the changes to take effect.

We have also discussed how to use Rsync with a non-standard SSH port to copy files between servers. It is vital to keep your system secure and up-to-date to avoid potential security breaches.

Regularly changing the SSH port, updating software packages, and using strong passwords are good practices that can help secure your system. With the information provided in this article, you can increase the security of your system, and be confident that your server is secure and ready to serve its purpose.

As mentioned in the previous sections, non-standard ports are an essential aspect of securing systems and transferring data between servers. In this expansion, we will delve deeper into the benefits that non-standard ports offer in terms of security, file transfer, and data backup.

Non-Standard Ports and Security

The Internet is full of malicious actors looking for vulnerable systems to exploit for their gain. The default port 22 for SSH is a prime target for these bad actors.

By moving to a non-standard port, you can make it more challenging for them to gain access to your system as it isn’t the first point of attack because they need to scan the system to know what the non-standard port is. The result is that your system is more secure.

Non-standard ports also deter automated bots used by hackers. Hackers use bots to scan the internet for vulnerable systems and port scanning software to check if the main port is providing any service or not.

When you shift away from the standard port, you reduce the likelihood of automated bots detecting your server and trying to brute-force their way in. Therefore, using a non-standard port is an excellent step a system administrator can make towards hardening the server’s security.

Non-Standard Ports and File Transfer

Non-standard ports are useful in transferring files between servers. In most cases, file transfer protocols use default ports to transfer files.

They tend to omit non-standard ports for transferring files. However, designers of modern file transfer technology keep on upgrading to support the use of non-standard ports.

This upgrade is a necessary improvement as default ports can easily be discovered by malicious parties. Therefore, if you rely on non-standard ports, you have an additional layer of security that improves the integrity of your file transfer.

Non-standard ports offer users options when it comes to channeling files between servers. Some files can use HTTP or FTP file transfer protocols, while others will only use Secure File Transfer Protocol (SFTP) or SSH File Transfer Protocol (SFTP).

Non-standard ports not only allow administrators to create additional security, but they provide a differentiation depending on the needs of the file transfer.

Non-Standard Ports and Data Backup

When it comes to data backup, non-standard ports provide a layer of security to protect data in transit. Data backup is an essential part of continuity planning.

Once in place, you must protect the data during transmission to avoid data breaches. In this respect, non-standard ports become an essential means security protocol as they allow administrators to set up secure backup channels, which can easily be monitored and executed without exposing vital server information.

Some data backup solutions, such as external cloud storage services, provide file transfer through HTTPS protocol, an added layer of encryption. However, HTTPS only provides an additional layer to an already encrypted SFTP channel.

An SFTP channel with a non-standard port provides a much stronger data protection layer. The non-standard port ensures that the encrypted channel through which the data flows genuinely represents secure backup storage while ensuring no data is lost during transfer.

When working with multiple backups, one can use software or tools that support non-standard port backup. For example, an administrator could back up data via Rsync to a remote system using SFTP and a non-standard SSH port.

Once the backup system is set up correctly, backup traffic should use the SSH port, which increases the probability that your backup data is now protected by an additional layer of security.

Conclusion

In summary, non-standard ports have become a handy tool for system administrators, ensuring data is safe during backup, file transfer, and overall server protection from hackers. Non-standard ports are a vital asset that improves server security as it not only makes it difficult for hackers to find your servers, but also improves data security during file transfer, and provides additional security features while using modern backup solutions.

Making use of non-standard ports combined with additional security features provides a higher level of security and added protection from the ever-present threat of hackers on the internet. In conclusion, changing the default SSH port to a non-standard port can enhance the security of your server by making it harder for hackers to gain access.

Changing the SSH port requires editing the SSH configuration file, allowing the port through a firewall, and restarting the SSH service. Additionally, non-standard ports can be used to improve the security of file transfers and data backup.

By using non-standard ports for backup and file transfers, administrators can create an added layer of security to protect data in transit. Overall, the use of non-standard ports is an essential step towards improving server security, protecting data during file transfer, and ultimately ensuring the integrity of your data.

Popular Posts