SSH (Secure Shell) uses port 22 by default because it was assigned that port number by the Internet Assigned Numbers Authority (IANA) as its well-known port.
Here's a more detailed explanation:
-
IANA Assignment: The Internet Assigned Numbers Authority (IANA) is responsible for managing IP addresses and port numbers. They assigned port 22 to SSH during the protocol's development and standardization. This allows SSH to be easily recognized and used by systems without requiring manual configuration in most cases.
-
Well-Known Port: Port 22 is classified as a "well-known port," meaning it's in the range of 0-1023. These ports are reserved for common and widely used services like HTTP (port 80), HTTPS (port 443), and, of course, SSH.
-
Ease of Use: Using a standardized, well-known port simplifies the process of connecting to SSH servers. Users can typically connect without needing to specify a port number, as the client software defaults to port 22.
-
Historical Context: When SSH was developed as a secure replacement for protocols like Telnet and rsh, a standard port was necessary for interoperability. Choosing port 22 provided a clear, consistent way to access SSH services across different systems.
Security Considerations:
While using port 22 is convenient, it's also a common target for attackers. Because it's the default, malicious actors often scan for open port 22 connections to attempt brute-force attacks or exploit known vulnerabilities. Therefore, many administrators choose to change the SSH port to a non-standard port as a security measure. This makes it slightly more difficult for attackers to find and target SSH services.
In summary, SSH uses port 22 because it was assigned that port by IANA as its well-known port, facilitating ease of use and standardization. While convenient, this default also presents security risks, leading some administrators to change the SSH port.
