Blog

December 26, 2024

How to Change the SSH Port on a Windows Server

mr rockstar

How to Change the SSH Port on a Windows Server
Cheap Dedicated Server

Changing the default SSH port (typically 22) on a Windows Server is a common security measure. By altering the port, you can reduce the risk of automated attacks targeting the default port. This guide will walk you through the steps to change the SSH port on a Windows Server.

Prerequisites

Before starting, ensure the following:

  • SSH is installed and configured on your Windows Server.
  • Administrative privileges to modify server configurations.
  • A secure connection to the server.

Step 1: Open the SSH Configuration File

  1. Locate the SSH Configuration File: The SSH configuration file is typically named sshd_config. By default, it is located in the installation directory of the SSH server. For example:
    C:\Program Files\OpenSSH\sshd_config

     Locate the SSH Configuration File  

  2. Open the File: Use a text editor such as Notepad or Notepad++ to open the sshd_config file. Run the editor as an administrator to allow edits.

Step 2: Modify the SSH Port

  1. Find the Port Setting: Look for the following line in the sshd_config file:
    #Port 22

    Find the Port Setting

  2. Uncomment and Change the Port: Remove the # and change the port number to your desired value. For example:
    Port 2222

    Uncomment and Change the Port

  3. Save the File: After making the changes, save the file and close the editor.

Step 3: Update the Firewall Rules

  1. Open Windows Firewall:
    • Press Win + R, type firewall.cpl, and press Enter.
  2. Add a New Inbound Rule:
    • Go to Advanced Settings > Inbound Rules.
    • Click New Rule.
    • Select Port and click Next.
    • Choose TCP, enter the new port number, and click Next.
    • Allow the connection and click Next.
    • Specify the profiles (Domain, Private, Public) and click Next.
    • Name the rule (e.g., “Custom SSH Port”) and click Finish.
  3. Remove the Old Port Rule (Optional):
    • Locate the existing rule for port 22.
    • Disable or delete it to close the default port.

Step 4: Restart the SSH Service

  1. Open the Services Console:
    • Press Win + R, type services.msc, and press Enter.
  2. Restart the OpenSSH Service:
    • Locate the “OpenSSH Server” service.
    • Right-click and select Restart.

Step 5: Verify the New Configuration

  1. Test the Connection:
    • Use an SSH client (e.g., PuTTY or OpenSSH) to connect to the server.
    • Specify the new port when connecting. For example:
      ssh -p 2222 username@server_ip

      Test the Connection

  2. Troubleshoot:
    • If the connection fails, ensure the new port is not blocked by the firewall or used by another service.

Conclusion

Changing the SSH port on a Windows Server adds an extra layer of security by reducing exposure to automated attacks. Always ensure the new port is documented and properly configured in your firewall. With these steps, your server is now more secure and better protected against unauthorized access.

 

How to Change the SSH Port on a Windows Server (F.A.Q)

Why should I change the default SSH port?

Changing the default SSH port helps reduce the risk of automated attacks and makes your server less of a target.

What port number should I use for SSH?

Use a port number between 1024 and 65535 that is not already in use by another service.

 

How do I check if the new port is working?

Use an SSH client to connect to the server with the new port. If it fails, verify the configuration and firewall settings.

Can I revert to the default SSH port?

Yes, you can modify the sshd_config file to set the port back to 22 and restart the SSH service.

Popular Blog Posts