Home Learn Linux How to use an alternate port for SSH connections in Linux

How to use an alternate port for SSH connections in Linux

Connecting to an SSH server on a non-standard port in Linux enhances security and flexibility. This guide details the steps to establish an SSH connection using an alternate port, covering command syntax and configuration adjustments, ensuring secure and efficient remote access to your servers.

by John Horan
 ssh into a server on a different port in linux

If you’re a Linux user like me, you’ve probably used SSH (Secure Shell) to establish connections with other machines. It’s an incredibly useful tool that provides a secure and efficient way of remotely accessing a machine’s shell. However, when connecting to an SSH server, you may not always find it running on the default port 22. In some cases, the server administrator may have configured it to run on a different port to enhance security and prevent unauthorized access.

Therefore, it is essential to know how to connect to an SSH server running on a non-standard port. The process is relatively straightforward and involves specifying the port number along with the server address when establishing the connection. Let’s dive into this!

Understanding SSH and its default port

SSH is the bread and butter for anyone needing secure remote access to Linux servers. By default, SSH listens on port 22. However, for various reasons such as security through obscurity or port conflicts, administrators often change this.

Why use an alternate port?

Before I show you how to connect using a different port, let’s briefly talk about why. Changing the default SSH port can reduce the noise from automated scans and potential brute-force attacks. It’s not a silver bullet for security but can be part of a larger strategy.

Checking the SSH service status

First things first, ensure that SSH is running on your Ubuntu machine:

sudo systemctl status ssh

If it’s not active, start it with:

sudo systemctl start ssh

Finding the SSH port

If you’re not sure which port SSH is listening on, you can find it using this command:

sudo netstat -tnlp | grep sshd

Connecting to SSH on an alternate port

Now, the fun part! To connect to a server on a different port, use the -p flag followed by the port number. Here’s a simple format:

ssh -p [port_number] [username]@[server_ip_address]

Example connection

For instance, if your SSH server is on port 2222, and you’re trying to connect as user john to a server with IP, you’d use:

ssh -p 2222 john@

Sample output

You’ll see something like this:

The authenticity of host '[]:2222 ([]:2222)' can't be established.
ECDSA key fingerprint is SHA256:NhXREZgk0...3b3Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[]:2222' (ECDSA) to the list of known hosts.
john@'s password: 

After entering your password, you should be logged in!

Configuring the firewall to access SSH via an alternate port

Alright, now that you know how to connect to SSH on an alternate port, there’s a crucial step we shouldn’t overlook – configuring the firewall. If you’re like me, you might have skipped this step initially and spent hours scratching your head over why the connection was not working!

Why is firewall configuration important?

When you change the SSH port, the firewall rules that allowed traffic on port 22 won’t apply to the new port. Without proper configuration, the firewall will block attempts to connect to SSH on this new port.

Configuring the firewall in Ubuntu

Ubuntu typically uses ufw (Uncomplicated Firewall) for managing firewall rules. Here’s how you can allow traffic on your new SSH port.

Check current status

First, check the status of ufw:

sudo ufw status

Allowing the new port

Suppose you’ve changed your SSH port to 2222. You’ll need to allow this port through the firewall:

sudo ufw allow 2222/tcp

This command tells ufw to allow TCP traffic on port 2222.

Applying the changes

After updating your rules, you might need to reload ufw to apply the changes:

sudo ufw reload

Verifying the rules

Finally, check if the new rule is added:

sudo ufw status

You should see something like 2222/tcp ALLOW Anywhere in the output, indicating that traffic on port 2222 is now allowed.

Troubleshooting common issues

  • If the connection still fails, ensure that ufw is running and the rules are correctly applied.
  • Also, double-check if there are any other network devices like routers or cloud firewalls that might be blocking the new port.
  • Incorrect port number: Double-check the port number SSH is listening on the server.
  • Server configuration: Verify the SSH configuration file (/etc/ssh/sshd_config) for any specific settings.

Adding an alternate port to the SSH config file

Great, we’ve covered how to connect to an SSH server using an alternate port and setting up the firewall. But, there’s a nifty trick that can make your life even easier – adding the alternate port to your SSH configuration file. This is particularly useful if you frequently connect to the same server.

Why edit the SSH config file?

Editing the SSH config file allows you to set default options for SSH connections, such as the port number, which saves you from typing the -p option every time. It’s a real time-saver and a feature I personally love for its convenience.

Locating the SSH config file

The SSH client configuration is usually found at ~/.ssh/config on your local machine. If the file doesn’t exist, you can create it.

Editing the SSH config file

Here’s how to add an entry for your server with an alternate port:

  1. Open the config file:
    nano ~/.ssh/config

    You can use any text editor like nano, vim, or gedit.

  2. Add the following lines:Replace YourServerAlias, User, HostName, and 2222 with your server’s details and the new SSH port.
    Host YourServerAlias
        User your_username
        HostName server_ip_or_hostname
        Port 2222

    For example:

    Host myserver
        User john
        Port 2222
  3. Save and close the file:In nano, you do this by pressing CTRL + X, then Y to confirm, and Enter to save.

Connecting using the config file

Now, instead of typing the full SSH command with the -p option, you can connect to your server simply by typing:

ssh YourServerAlias

For our example:

ssh myserver

Benefits of this method

  • Simplicity: You no longer need to remember the port number or the full IP address.
  • Efficiency: It saves time, especially when managing connections to multiple servers.
  • Customization: You can set more than just the port; other options like IdentityFile for specific SSH keys can also be defined per host.

A note of caution

Be careful when editing the SSH config file. An incorrect configuration can lead to connection issues. Always keep a backup of your original config file.


the key to a great SSH experience is a combination of security, convenience, and efficiency. By changing the default port, configuring your firewall appropriately, and setting up your SSH config file, you’re not just securing your connections, you’re also tailoring the experience to fit your needs.

I hope this guide has been helpful to you. If you’ve got any questions or want to share your own SSH tips and tricks, feel free to drop a comment below. Happy SSHing, and stay tuned for more Linux insights!

You may also like

Leave a Comment



FOSS Linux is a leading resource for Linux enthusiasts and professionals alike. With a focus on providing the best Linux tutorials, open-source apps, news, and reviews written by team of expert authors. FOSS Linux is the go-to source for all things Linux.

Whether you’re a beginner or an experienced user, FOSS Linux has something for everyone.

Follow Us


©2016-2023 FOSS LINUX



“Linux” is the registered trademark by Linus Torvalds in the U.S. and other countries.