Changing your SSH (abbreviation for Secure Shell) is one of many steps to secure your server against hackers. Every step is vital in the hardening of your server -- one mistake could result in your server getting breached... And we don't want that, do we?
The default port is 22, in this case we'll change it to 1337.
__________________________________________________________________
To connect to your server through SSH you'll need a unix shell. There's many of them, the two most used are PuTTY and zsh, we'll be using PuTTY in this tutorial. I use PuTTY because it contains all the functions I need and it was my first shell so I've stuck with it.
Start up by opening up PuTTY. Put your server IP address or host name where it says Host name (or IP address), in this case I'll be using my host name. The port is 22 by default, if you haven't changed it, you should now be able to connect to your server. Press 'Open'
The first time you connect to your server from a new IP address, you'll get a warning because the server doesn't recognize you. This warning is given because people can carry out MitM (abbreviation for Man-in-the-Middle) attacks, where he will receive your pa**word instead of the server. Press 'Yes' and you'll continue When you've pressed the 'Yes' bu*ton, you'll be seeing a black window. This nickname will most likely be root, unless you've been given another nickname to log in as. After you've entered your nickname, press enter and you'll be prompted for your pa**word. Input your pa**word. Nothing will be seen, not even stars, it'll look like it's blank -- but it's really not.
By now you should be logged in, and it will look something like this: It looks different depending on your server host -- but it's all very identical. It always shows which IP address that was last logged in.
Now you can execute commands on your server. As root you have complete access over your server, you can do whatever you want. Let's start changing the port!
As with every important file you modify, you should ALWAYS (I can't emphasize this enough) back up the file (or files).
We'll start off by typing cp which is the UNIX command to copy files.
Afterwards you type the file you want to copy, which is /etc/ssh/sshd_config
And then you type where you want to copy it, which in this case will be to /etc/ssh/sshd_config_backup Good job! Now to see if we've really backed it up, we'll use the ls command which will list all the files in that certain directory.
Go ahead and type ls /etc/ssh/ See? We have sshd_config, sshd_config_backup and a bunch of other files we won't be doing anything to.
Now when you've securely backed it up, go ahead and open the file up. To open the file up we'll be using the text editor nano because it's very newbie friendly. If you do not have nano installed, you can install it by typing apt-get install nano on Debian based distro (including ubuntu), or yum install nano if you're on a CentOS distro. Press 'Enter'
You'll now see a bunch of text, which can be very confusing -- but don't panic. If there's a # symbol before 'port 22', delete it, this symbol tells the server to ignore everything after it. It's a comment. Now replace '22' with a number you'll remember and is secure enough. Save your changes by pushing the following keys CTRL + X, press 'y', and then press enter.
Grrrrrrrreat job! We're almost there.
You'll now see the screen you first saw in the beginning. We must now restart the SSH service, which is done through typing /etc/init.d/sh restart, press enter. If it gives you the ok with a green text -- you're all done now! Next time you connect to your server use the port you a**igned to the server.