Home A - Z Changelog
Page Index

Blame

91e08f admin 2025-09-03 14:11:38 1 
# SSH
2
3
## Port change
4
5
In version from Ubuntu newer than 22.04, the SSHD is controlled by
6
Systemd and no longer with the older process way. To change the port, it
7
needs to be done by changing the config from Systemd
8
9
A ssh.socket socket is activated in Systemd to listen to the port, when
10
triggered, it will start the ssh.service (which does not need to be
11
started beforehand, it save memory if no ssh connection is done)
12
13
It is done that way on the OVH VPS:
14
15
1. Changing the port in a `listen.conf` file
16
1. sudo nano /etc/systemd/system/ssh.socket.d directory (do not
17
change in /lib/systemd...)
18
19
``` yaml
20
[Socket]
21
# Uncomment the following line to turn of listening on port 22.
22
ListenStream=
23
ListenStream=0.0.0.0:xxxxx
24
```
25
26
The empty `ListenStream` is necessary to prevent default port
27
activation. the 0.0.0.0 is for IP v4, use [::] for IP v6. Ubuntu
28
default instruction for port to be IP v6 is not specified.
29
30
Use `systemctl show ssh.socket` to see the config of the socket
31
32
1. Restart the services
33
1. `sudo systemctl daemon-reload`
34
2. `sudo systemctl restart ssh.socket`
35
36
It seems, it should be possible to only do the change with
37
38
1. `sudo systemctl edit ssh.socket`
39
40
then do the reload/restart
41
42
Then, when calling ssh, do not forget to add -p <port> (see Bitwarden
43
for port)
44
45
To check ssh access, use Systemd login:
46
47
``` bash
48
journalctl -u ssh -n 50 -e --no-pager
49
```
50
51
In Systemd, 'ssh' without other information is defaulted to service.
52
So ssh.socket needs to be explicit to see the socket instead of the
53
service.
54
55
That Systemd logging is used by fail2ban to function.
56
57
[One info page](https://lafibre.info/serveur-linux/changer-le-port-de-ssh-ubuntu-24-04/)