Port 22: SSH Secure Shell
| Protocol | TCP |
| Service | SSH (Secure Shell) |
| Encrypted | Yes |
| IANA Status | Official |
What is Port 22?
Port 22 is the default port for SSH (Secure Shell), a cryptographic network protocol for secure remote login and command execution. SSH replaced insecure protocols like Telnet and rlogin.
Common Uses
- Remote shell access: ssh user@server
- File transfer: SCP and SFTP over SSH
- Port forwarding: Tunneling other protocols
- Git operations: [email protected]:user/repo
- rsync: File synchronization over SSH
Basic Usage
# Connect to server
ssh [email protected]
ssh -p 2222 [email protected] # Non-default port
# Copy files
scp file.txt user@server:/path/
scp -r folder/ user@server:/path/
# Port forwarding
ssh -L 8080:localhost:80 user@server # Local
ssh -R 9000:localhost:3000 user@server # Remote
Key-Based Authentication
# Generate SSH key pair
ssh-keygen -t ed25519 -C "[email protected]"
# Copy public key to server
ssh-copy-id user@server
# Or manually: append the public key to authorized_keys on the server
cat ~/.ssh/id_ed25519.pub | ssh user@server 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'
Security Best Practices
Port 22 is constantly scanned
Bots continuously scan for SSH on port 22. Harden sshd with key-only authentication and the settings below.
# /etc/ssh/sshd_config
# Disable root login
PermitRootLogin no
# Disable password auth (use keys only)
PasswordAuthentication no
# Only allow specific users
AllowUsers admin deploy
# Change default port (optional; cuts scan noise but does not replace the settings above)
Port 2222
# Restart SSH
sudo systemctl restart sshd
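As an added example (not part of the original page or of OpenSSH), the script below audits the PermitRootLogin, PasswordAuthentication and AllowUsers settings shown above, applying sshd's rule that the first value found for a keyword wins, so a hardening line appended below an earlier conflicting one has no effect. The function name audit_sshd and both sample configs are constructed for illustration; Include files are not followed.

```sh
#!/bin/sh
# Added example: audit sshd settings read on stdin against the values above.
# Exit status is the number of findings.
audit_sshd() {
    awk '
    BEGIN {
        # OpenSSH defaults, used when a keyword never appears
        val["permitrootlogin"] = "prohibit-password"
        val["passwordauthentication"] = "yes"
        want["permitrootlogin"] = "no"
        want["passwordauthentication"] = "no"
    }
    { sub(/^[ \t]+/, "") }                              # strip indentation
    /^[A-Za-z]+[ \t]*=/ { sub(/[ \t]*=[ \t]*/, " ") }   # accept Keyword=value
    /^#/ || NF == 0 { next }                            # comments, blank lines
    { k = tolower($1) }                                 # keywords ignore case
    k == "match" { exit }                               # global section only
    k == "allowusers" && NF > 1 { allow = 1; next }
    (k in want) && !(k in seen) { seen[k] = 1; val[k] = $2 }   # first value wins
    END {
        for (k in want)
            if (val[k] != want[k]) {
                printf "FAIL %s=%s (want %s)\n", k, val[k], want[k]
                bad++
            }
        if (!allow) { print "FAIL allowusers not set"; bad++ }
        exit bad + 0
    }'
}

# Constructed sample: the hardening line was appended after an earlier
# "yes", so sshd ignores it.
SAMPLE_SHADOWED='# constructed sample
PasswordAuthentication yes
PermitRootLogin no
AllowUsers admin deploy
PasswordAuthentication no'

# Constructed sample matching the settings on this page.
SAMPLE_HARDENED='PermitRootLogin no
passwordauthentication=no
AllowUsers admin deploy
Port 2222
Match User deploy
    AllowTcpForwarding no'

# Demo: prints one FAIL line for the shadowed sample, then "findings: 1".
printf '%s\n' "$SAMPLE_SHADOWED" | audit_sshd || echo "findings: $?"
```

On a live host, `sudo sshd -T | audit_sshd` checks the effective configuration with Include files resolved.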
Fail2Ban Protection
# Install fail2ban
sudo apt install fail2ban
# /etc/fail2ban/jail.local
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 3600
# Restart fail2ban
sudo systemctl restart fail2ban
Troubleshooting
# Test connection with verbose output
ssh -v user@server
# Check if SSH is running
systemctl status sshd
sudo ss -tlnp | grep :22
# Check SSH logs
sudo tail -f /var/log/auth.log
journalctl -u sshd -f
# Test connection from another machine
nc -zv server.com 22
Common Issues
- Connection refused: SSH service not running or firewall blocking
- Permission denied: Wrong key, user, or disabled password auth
- Host key changed: Server was reinstalled or MITM attempt
- Connection timeout: Firewall dropping packets