SSH
Port change
In Ubuntu versions newer than 22.04, sshd is controlled by systemd and no longer started the older way as a standalone process. To change the port, the systemd configuration has to be changed.
An ssh.socket unit is activated in systemd to listen on the port. When a connection triggers it, it starts ssh.service, which does not need to be started beforehand (this saves memory when no SSH connection is made).
This is how it is done on the OVH VPS:
- Changing the port in a listen.conf file (edited with sudo nano) in the /etc/systemd/system/ssh.socket.d directory (do not change in /lib/systemd...)
[Socket]
# Uncomment the following line to turn off listening on port 22.
ListenStream=
ListenStream=0.0.0.0:xxxxx
The empty ListenStream= is necessary to prevent the default port from being activated. 0.0.0.0 is for IPv4; use [::] for IPv6. In the Ubuntu default instructions, the port being IPv6 is not specified.
Use systemctl show ssh.socket to see the config of the socket
- Restart the services
sudo systemctl daemon-reload
sudo systemctl restart ssh.socket
It seems it should be possible to make the change with only
sudo systemctl edit ssh.socket
then do the reload/restart
Then, when calling ssh, do not forget to add -p
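As an added example (not part of the original notes), these shell functions render the drop-in described above and lint an existing one for the missing empty ListenStream= reset, which would leave port 22 listening next to the new port. The function names render_dropin and check_dropin are assumptions made for this example.

```shell
#!/bin/sh
# Added example: render and lint an ssh.socket drop-in (listen.conf).
# Function names are hypothetical; nothing here touches systemd itself.

# render_dropin PORT [ADDR]: print a drop-in that first resets the inherited
# listeners, then listens on ADDR:PORT (ADDR defaults to 0.0.0.0, use [::] for IPv6).
render_dropin() {
    port=$1
    addr=${2:-0.0.0.0}
    case $port in
        ''|*[!0-9]*|??????*) echo "port must be 1-65535" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port must be 1-65535" >&2
        return 2
    fi
    printf '[Socket]\nListenStream=\nListenStream=%s:%s\n' "$addr" "$port"
}

# check_dropin FILE: succeed only if an empty ListenStream= appears before the
# first ListenStream= that carries an address. Without that reset, the default
# listener on port 22 stays active alongside the new one.
check_dropin() {
    awk '
        /^[ \t]*[#;]/ { next }                  # skip comment lines
        /^[ \t]*ListenStream[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)         # keep only the value
            sub(/[ \t]+$/, "", v)
            if (v == "")      reset = 1         # list reset seen
            else if (!reset)  bad = 1           # address before any reset
            else              ok = 1            # address after the reset
        }
        END { exit (bad || !ok) ? 1 : 0 }
    ' "$1"
}
```

Run check_dropin against the listen.conf file before the daemon-reload and restart; a non-zero exit status means the reset line is missing or no listener is defined.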
To check ssh access, use the systemd logging:
journalctl -u ssh -n 50 -e --no-pager
In systemd, 'ssh' without any other information defaults to the service. So ssh.socket needs to be named explicitly to see the socket instead of the service.
That Systemd logging is used by fail2ban to function.