Changing the SSH Port

You should not really need to change the port used for SSH on your MAC, however, for security reasons you may wish to complete this.

Whilst any port / service that is open and available on a device can easily be found and identified by someone who knows what they are doing, often, IT Professionals like to move the default ports on machines as this does offer some additional protection from scripted attacks against common ports.

Whilst we are not suggesting you move your SSH port, if our assessors are unable to scan and assess your MAC, it may be that someone has changed the port address for SSH and you will need to find the port number and provide to Cyber Tec Security. 

To change, and therefore identify your SSH port you can:

  1. Open a Terminal Window on your MAC
  2. Enter the command below:
    sudo nano /etc/services
  3. You will be prompted for the root password (SUDO/Admin password) after which the 'services' configuration file will open.
  4. Press CTRL+W and search for SSH
  5. Look through the file and find the lines that look like this:
         ssh  22/udp  #SSH Remote Login Protocol
         ssh 22/tcp    #SSH Remote Login Protocol
  6. We need to know the port number shown here, which in this case, is the default "22", however, if you wanted to change it, you can edit the number on both those lines.
  7. Press CTRL+X to exit the editor (Select "Y" to save or "N" to quit without saving.
  8. If you made any changes you need to stop and restart the SSH service
    sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
  9. You will then need to restart the service
    sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist
  10. You have now completed the setup, you can test SSH by attempting to access the machine by SSH on the device itself or remotely on your network
    ssh localhost -p 22