Fixing SSH After Port Change Lockout | Generated by AI
Question: How can I fix my server after changing the SSH port from 2222 to 22 and now I can’t connect?
Answer:
You likely locked yourself out due to a mismatch between SSH configuration, firewall rules, or port availability. Let’s walk through the fastest recovery path.
🚨 Most Likely Causes
When you changed from 2222 → 22, one of these happened:
- Port 22 is blocked by firewall
- SSH service failed to restart
- Another service already uses port 22
- Cloud provider / router not allowing port 22
- You edited the wrong config or made a syntax error
🛠️ How to Recover (Step-by-step)
✅ 1. Use Console Access (IMPORTANT)
You cannot fix this over SSH anymore.
Use one of these:
- VPS provider console (AWS / GCP / DigitalOcean / etc.)
- Physical machine terminal
- Hypervisor console (VMware / Proxmox / VirtualBox)
✅ 2. Check SSH status
sudo systemctl status ssh
If it failed, restart:
sudo systemctl restart ssh
If restart fails → config error.
✅ 3. Verify SSH config
Open:
sudo nano /etc/ssh/sshd_config
Check this line:
Port 22
⚠️ Also check:
- No duplicate
Portlines - No syntax errors
Then test config:
sudo sshd -t
If no output → config is valid.
✅ 4. Check if port 22 is actually listening
sudo ss -tlnp | grep :22
If nothing shows → SSH is NOT running on port 22.
✅ 5. Check firewall (VERY COMMON ISSUE)
If using UFW:
sudo ufw status
If port 22 is not allowed:
sudo ufw allow 22/tcp
sudo ufw reload
If using iptables:
sudo iptables -L -n
Make sure port 22 is allowed.
✅ 6. Check if port 22 is already occupied
sudo lsof -i :22
If something else is using it (e.g. another SSH instance or service):
- Either stop that service
- Or revert to port 2222
✅ 7. Quick Recovery (Safest Option)
If you’re stuck, just revert to old working port:
sudo nano /etc/ssh/sshd_config
Change back:
Port 2222
Then:
sudo systemctl restart ssh
✅ 8. Verify before disconnecting next time
Before closing your current session:
ssh -p 22 user@your_ip
Always test new port in a second terminal.
🧠 Pro Tips (Important)
- Always keep at least one active SSH session when changing ports
- Open firewall BEFORE switching port
- You can run multiple ports:
Port 22
Port 2222
This avoids lockout entirely.
🔥 Your Situation (Most Likely Diagnosis)
Based on your description:
👉 90% chance: Firewall still allows 2222 but blocks 22
So SSH is running, but you cannot reach it.
✅ Fastest Fix Summary
From console:
sudo ufw allow 22/tcp
sudo systemctl restart ssh
OR revert:
Port 2222
If you tell me:
- your OS (Ubuntu / CentOS / etc.)
- where it’s hosted (local / VPS)
I can give you a precise 1-command fix.