SSH is one of the most commonly attacked services as it provides easy access to full control of a dedicated server. Changing the default SSH port will help prevent an attacker from launching brute force attacks on the default port.
Log in as the server as root (or gain root access by executing sudo su)
Check to see the status of the firewall by executing ufw status
If the firewall is active, then we need to add a rule to allow connections for our new SSH port.
This can be done by executing ufw allow newportnumberhere/tcp
Execute nano /etc/ssh/sshd_config and look for the line that contains Port 22
Change the number 22 to any unused port you’d like
Save and exit by holding down Ctrl and X
Restart the SSH service by executing restart ssh within the command line
For Debian, execute service ssh restart
If you can still access the command line, type ss -tnlp | grep ssh to verify SSH is listening on the new port. (optional)
Start a new SSH session on the new port.
Delete the old firewall rule for the old port by executing ufw delete allow 22/tcp