Alternative SSH
What is Port 2222?
Port 2222 is commonly used as an alternative SSH port, deployed by administrators who want to reduce automated brute force attacks targeting the default SSH port 22. By moving SSH to a non-standard port like 2222, servers avoid the constant background noise of automated scanners and bots that probe port 22 across the internet. While this is security through obscurity and not a substitute for proper SSH hardening, it significantly reduces log noise and failed login attempts. Port 2222 is also commonly used by Docker containers running SSH, cPanel's SSH access for cPanel users (non-root), and various hosting providers who separate customer SSH access from system administration.
Common Uses
- Alternative SSH access to reduce brute force noise
- Docker container SSH access
- cPanel user SSH access
- Development environment SSH access
Technical Details
Copy-paste commands to check port 2222 (Alternative SSH) from your terminal
Test connectivity
nc -zv example.com 2222
curl -v --max-time 5 http://example.com:2222/
telnet example.com 2222
nmap -p 2222 -sV example.com
(echo > /dev/tcp/example.com/2222) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 2222/tcp
sudo iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
sudo firewall-cmd --permanent --add-port=2222/tcp && sudo firewall-cmd --reload
Security Considerations
Moving SSH to port 2222 reduces automated scanning but determined attackers will find it through port scanning. Apply the same SSH hardening as port 22: key-based authentication, disable root login, use fail2ban, and keep OpenSSH updated. Port 2222 is well-known as an alternative SSH port, so it's included in many scanning tools.
Popular Ports Reference
The most commonly used and referenced network ports