In this article we will discuss the port used by the SFTP or SSH file transfer protocol. We’ll also look at how you can customize this port to make you a little safer.
SFTP is a protocol for transferring files between two computers over an encrypted connection. The protocol also allows for multiple file management.
SFTP is essentially a more secure version of FTP. It has all the functionality and versatility of FTP, but works over a more secure connection. It is an SSH subsystem and therefore provides the same level of security.
Also read : How to enable SSH on Ubuntu?
By default, SFTP uses port 22, unlike FTP’s port 21.
Note that SFTP uses the same port for all connections. This gives it an advantage over FTPS, especially when dealing with strict firewalls.
FTP must dynamically open multiple channels to send files. The server and client automatically detect these channels. While this method works, it poses a serious security risk, as each of these ports can be an entry point for an attacker.
Also read : How do you remove undetectable files in Git?
If you plan to use an SFTP server in a public environment, changing the SFTP port can help add an extra layer of security to your network. Ports are essentially gateways and can be used by attackers to gain access to your system,
Standard ports for common protocols such as. B. SFTP are well known and are the first point of attack when your system is compromised. In this case, running your protocols on different ports can help stop an attacker.
Under Linux, the port range 1-1024 is reserved for known protocols and can only be used or connected by the root user. You can use any port in the range 1-1024 for SFTP, but it is recommended to choose a port number higher than 1024.
In the next steps, we will change our SFTP port to 4444,
Step one: Let’s start by opening a new port through the firewall. Use the following command to open our port in the UFW firewall. This is Ubuntu’s default firewall.
sudo ufw allow 4444/tcp
If you are working with CentOS, you will be working with FirewallD. Use the following commands to open a port.
sudo firewall-cmd –permanent –zone=public –add-port=4422/tcp
sudo firewall-cmd –reload
You must also configure SELinux rules to make the new port available.
semange port -a -t ssh_port_t -p tcp 4444
On any other Linux distribution using iptables, you can open a new port with this command.
sudo iptables -A INPUT -p tcp –dport 4444 -m conntrack –ctstate NEW,ESTABLISHED -j ACCEPT
Step two: Now we need to configure the location of the SFTP/SSH configuration file in /etc/ssh/. Use the following command to open the file.
sudo nano /etc/ssh/ssh_config
Step three: Look for a line starting at port 22. This line is normally commented out by #. Delete # and replace 22 with the port of your choice.
Step four: Restart the SSH service for the changes to take effect.
sudo systemctl restart ssh
If you are using CentOS, use this command.
sudo systemctl restart sshd
You can check that the SSH daemon is running (or listening) on the new port by entering the following command.
ss -an | grep 4444
Also read : Bash While the loop explained
To use the new SFTP port, invoke the stfp command with the -P option to explicitly specify the port.
sftp -P 4444 [email protected]
If you are using an SFTP client with a graphical interface, such as. B. FileZilla, replace the old port number with the new one.
Also read : How do I install Chrome on Ubuntu?
The one who writes/cuts/films/owns all the technology, and when he’s not around, switches to virtual machine races. You can contact Yadullah at [email protected], or follow him on Instagram or Twitter.
frequently asked questions
How do I change the SFTP port?
sftp mail port
Which port is used by SFTP?
Which port is used by SFTP? Unlike FTP over SSL/TLS (FTPS), SFTP requires only one port to connect to a server: port 22.
Does SFTP use port 21?
Communication protocols The abbreviation stands for File Transfer Protocol. Normally it works on TCP port 21. SFTP is a completely different file transfer protocol that has nothing to do with FTP. SFTP runs through an SSH session, usually on TCP port 22.
Feedback,ssh and sftp on different ports,sftp port 2222,sftp on port 21,sftp port 990,sftp command with port number in windows,sftp url with port,Privacy settings,How Search works,SSH File Transfer Protocol,FileZilla,vsftpd,Core FTP,Pure‑FTPd,CrushFTP Server,See more,WinSCP,File Transfer Protocol,PuTTY,Cyberduck,FTP Voyager,ftps port,sftp port forwarding