A Comprehensive Guide: SSH Port Number and SSH Working

Posted on

A Comprehensive Guide: SSH Port Number and SSH Working

In today’s digital landscape, cyberattacks like data breaches and hacking are increasingly common. Organizations need robust security measures like SSH to ensure secure data transmission. This article provides a detailed look at SSH protocol, including the SSH port number, the default SSH port, and how SSH works. We’ll cover encryption, authentication, commands, and key components that enable secure network communication.

What Is SSH?

SSH (Secure Shell) is a secure network protocol that allows you to safely access and manage remote servers. It replaces insecure protocols like FTP and Telnet, providing a secure communication channel for remote access.

The core features of SSH are data encryption, integrity checks, and identity authentication:

1. SSH encrypts data during transmission, protecting it from eavesdropping.

2. It uses authentication techniques like passwords and cryptographic keys to verify user and device identities.

3. SSH ensures data integrity, confirming that transmitted data hasn’t been altered.

System administrators use SSH to securely manage remote servers and perform administrative tasks. It also enables secure file transfer using SFTP (SSH File Transfer Protocol). Additionally, SSH allows users to create secure tunnels for applications like database access or web browsing.

What Is a Port in SSH?

In networking, a “port” is a virtual endpoint for communication within a computer or network. Different services and applications can use the same physical network connection but maintain separate communication channels through ports.

Ports 0-1023 are “reserved ports” for specific services like HTTP (port 80), HTTPS (port 443), FTP (port 21), and SSH (port 22). This standardization ensures consistency across networks.

The SSH port is the designated endpoint for Secure Shell protocol connections. By default, SSH uses port 22 for communication between servers.

While all SSH communication goes through a designated port, the default port can be changed to any available SSH port number. This facilitates secure and encrypted management or access to remote servers or devices, ensuring safe communication over potentially insecure networks.

How Does SSH (Secure Shell) Work on Port 22?

SSH operates on a client-server model, enabling secure and encrypted communication across networks. It’s frequently used in command-line tools for remote login and terminal applications. Linux users commonly utilize SSH for remote access and server administration. So, how does SSH work on Port 22 specifically?

SSH uses port 22 to establish a secure and encrypted communication channel between a client and a server. Let’s break down how it works:

Step 1: Establish a Connection

The client initiates a connection by sending a request to the server. The server listens on port 22 for incoming SSH connections and responds to the client’s request.

The client and server then perform an encryption handshake, exchanging information to establish a secure connection. They choose encryption methods and exchange cryptographic keys. This process creates a shared secret key used for communication between the client and server.

Step 2: User Authentication

The client then authenticates itself to the server. The main authentication methods are passwords and SSH keys.

Clients can securely transmit encrypted passwords to the server. However, password security depends on the user’s password complexity, and passwords can be a less secure authentication method.

A more secure method involves using SSH public-private key pairs, which rely on asymmetric encryption. The server grants the client access after it successfully decrypts a message using the appropriate key.

After authentication, a secure channel is established. All information exchanged is encrypted to prevent unauthorized eavesdropping.

Step 3: Establish a Secure Channel and Initiate the Session

After the secure channel is set up, an SSH session begins. Within this session, the client can securely interact with the server, sending files, running commands, and performing other authorized actions.

All commands, files, and data exchanged between the client and server during the session are encrypted, ensuring data integrity and preventing tampering.

When the user finishes, they close the connection. Closing the secure channel prevents further communication until a new session is established.

In summary, SSH on port 22 ensures secure data transfer, authenticates the client, and establishes an encrypted communication channel. Its encryption and secure authentication methods make SSH ideal for secure remote access and communication.

How to Generate an SSH Key?

SSH enables users to execute commands on remote servers, manage port forwarding, create tunnels, and more. It supports password authentication and public-key-based authentication.

Public-key-based authentication is generally considered more secure and convenient than password authentication because it uses digital signatures to enhance security.

Here’s how to generate an SSH key on your Linux system:

Step 1: Verify the Old SSH Key File

Before generating a new SSH key, check if you already have one. This prevents overwriting existing keys. Use the following command:

$ ls -l ~/.ssh/id_*.pub

Step 2: Generate an SSH Key Pair

If you get a “No such file or directory” error, you don’t have an SSH key. Proceed to generate one. Use the following command to create a new key pair with 4096 bits and your email address as a comment:

$ ssh-keygen

or

$ ssh-keygen -t rsa -b 4096 -C "useremail@yahoo.com"

Running “ssh-keygen” creates a default 3072-bit RSA key pair. Press “Enter” to store the key in the default location (.ssh/ subdirectory).

You’ll be prompted to enter a passphrase for added security. You’ll need to enter this passphrase to log in to remote machines. To skip the passphrase, press “Enter”. The output will be displayed in the terminal.

Verify successful key generation using this command:

$ ls ~/.ssh/id_*

The generated SSH key pair should be displayed on the terminal, confirming successful key generation.

Step 3: Connect to the Remote Server

Transfer the SSH public key to the remote Ubuntu server that you want to manage. Use the “ssh-copy-id” tool, the recommended method. Run this command on the client machine:

$ ssh-copy-id user_name@server_IPaddress

Replace `server_IPaddress` with your system’s IP.

On the first connection, you may be prompted to confirm. Enter “yes” to proceed. The server will validate the SSH key. You can also manually copy the public key using this command:

$ cat ~/.ssh/id_rsa.pub | ssh username@serverip "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

Replace `username` and `serverip` with the details of your server.

Step 4: Log in with the SSH Key on the Remote Server

Use this command to log in via SSH on the remote server:

$ ssh username@serverIP

If you didn’t set a passphrase for the private key, you’ll log in immediately. Otherwise, you’ll be prompted to enter the passphrase.

Step 5: Disable SSH Password Authentication

To add security, disable SSH password authentication. Log in to the remote server with sudo privileges and open the `/etc/ssh/sshd_config` file with this command:

$ sudo nano /etc/ssh/sshd_config

Find and set the following line to “no”:

PasswordAuthentication no

Save the file and exit.

Restart or reload the SSH service:

$ sudo systemctl restart ssh

Verify that SSH is working correctly before ending the session to ensure that password authentication is disabled.

Commands to Manage the SSH on the Linux System

To install an OpenSSH server, use the following command:

$ sudo apt install openssh-server

To start and stop the SSH service, use the following commands:

$ sudo systemctl start ssh
$ sudo systemctl stop ssh

To check SSH service status, use:

$ sudo systemctl status ssh

To enable an SSH service, use this command:

$ sudo systemctl enable ssh

To reload or restart the SSH service, run this command:

$ sudo systemctl restart ssh

To connect with the SSH server, use the command below:

$ ssh username@remotehost or IP-address

How to Configure SSH Port Number 22 in Firewall UFW?

Ensure that UFW (Uncomplicated Firewall) is turned on. To enable UFW, use:

$ sudo ufw enable

Grant permission for SSH traffic on port 22 in the UFW firewall with the following command:

$ sudo ufw allow 22/tcp

To disable SSH server, block port 22 using the command below:

$ sudo ufw deny 22/tcp

To disable the SSH service access, execute the following commands:

$ sudo systemctl stop ssh --now
$ sudo systemctl disable ssh --now

SSH Implementations for Linux and Windows

Several SSH implementations and clients are used across operating systems:

– OpenSSH (Unix-Based Systems): OpenSSH is the default implementation for Linux and macOS, known for its reliability and pre-installed on most Unix-based platforms.

– PuTTY (Windows): PuTTY is a popular SSH client for Windows with a user-friendly interface for secure remote server connections and auxiliary tools like PuTTYgen for SSH key management.

– SSH in PowerShell (Windows): Microsoft integrated OpenSSH into Windows PowerShell, simplifying SSH use and eliminating the need for third-party applications.

What Is the Default SSH Port Number?

The default SSH port is 22. Every SSH connection initializes through port 22, simplifying configuration and standardizing SSH connections.

However, using port 22 as the default can be a security risk. Changing the default SSH port is recommended to mitigate security problems.

There are 65,536 available communication ports. You can choose one of them to change your SSH port, preventing brute-force attacks.

How to Change the Default SSH Port 22 to Another Port Number?

If you’re involved in important communication that demands security, changing the default SSH port can reduce the risk of brute-force attacks. Attackers commonly target port 22, the default SSH port. Using a different SSH port improves security.

Follow these steps to change the SSH port:

Step 1: Create sshd_config File Backup

Edit the port number in the sshd_config file to change the default SSH port. Back up this file before making changes. Use the following command to create a backup:

$ cp /etc/ssh/sshd_config /etc/ssh/sshd_backup_config

This command creates a copy of sshd_config in the same directory.

Step 2: Changing the SSH Default Port 22

Open the `ssh_config` file to change the SSH default port 22:

$ sudo nano /etc/ssh/sshd_config

This opens the configuration file in the nano editor. Find the following line:

#Port 22

Uncomment this line by removing the “#” symbol and changing the port number. For example, to change it to 45571:

Port 45571

Allow or add this port to your firewall.

Step 3: Restart the SSH Service

After adding it to the firewall, restart the SSH service to load the changes.

$ sudo service sshd restart

The changes take effect after restarting your device. Changing the default SSH port number after acquiring a Linux VPS is an important security measure. You can test the changes without logging out of your current SSH session.

Step 4: Test the SSH Port

When you change the default SSH port 22, mention the new port number when connecting from the client machine to the server.

$ ssh username@userIP -p 45571

Now, your default SSH port is changed to Port 45571.

Conclusion

Leave a Reply

Your email address will not be published. Required fields are marked *