Skip to main content

Change SSH Port from 22 to 61613

Hands-On Lab


Photo of

Training Architect





After you start any instance with public access, automated scripts will find you almost immediately and start conducting all sorts of scans and probing. There is no real way to completely stop this. You can confirm this is happening by looking at the log files of any public instance you create. However, we don't need to make it easy for them. A standard scan will usually check for known standardized ports associated with known services. For example, SSH by default runs on port 22 and is the first port any script will check for an SSH service. Now, if we configure SSH service to run on port 61613, the scan script will need to make a broad port sweep to find our SSH service. This is extremely taxing in terms of bandwidth for the attacker, and generally scripts will not check for these ports. That is why it is very important for us to change the port at which SSH operates from 22 to something that is not standardized, making it much more difficult for any one script to find our SSH service.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.