What are You Looking For?

Alice
onAugust 7, 2025

What Is TCP Port 22? Understanding SSH & Its Role in Secure Connections

Secure isometric network showing SSH via TCP Port 22 with laptop, servers, and encryption symbols.
6 min read

TCP Port 22 is a network port used by the SSH (Secure Shell) protocol. It allows safe remote access to computers and servers over the internet or a local network. When you connect to a device using SSH, Port 22 is the default way to start that connection. It keeps your data, like passwords and commands, safe by encrypting everything. Port 22 also helps with secure file transfers and can be used to safely access other services. This makes it very important for system admins, developers and IT teams.

Why is Port 22 Important?

Port 22 is among the most commonly used network ports, as SSH plays a vital role in remote system administration and managing devices. Here are some reasons why it is so essential.

  •  Secure Remote Access: Port 22 is used by SSH to provide safe, encrypted access to remote systems.
  •  Encrypted Communication: It protects sensitive data like passwords and commands during transfer.
  •  File Transfers: Tools like SFTP and SCP use Port 22 to securely upload and download files.
  •  Server Management: System administrators depend on it to control servers from any location.
  •  Port Forwarding: It allows secure tunneling of other network services through an encrypted SSH connection.
  •  Authentication Support: Port 22 supports strong methods like public key authentication for better security.
  •  Widely Supported: As the standard port for SSH, it ensures compatibility across different platforms.

 How SSH Works Over TCP Port 22?

SSH runs over TCP, the protocol that ensures data gets delivered reliably using a process called a “three-way handshake” that begins communication between a client and server. Here’s how it works.

  1.  Connection request: Client sends a TCP handshake to the server on Port 22.
  2.  Handshake and key exchange: Server and client exchange key information and agree on encryption ciphers and MAC algorithms.
  3.  Authentication: Client proves identity via password or key pair.
  4.  Session launch: A secure shell session is opened. Commands and data exchanged are encrypted.
  5.  Closing the session: When done, encryption keys are discarded and the connection ends, ensuring no lingering private data.

Client-server diagram showing SSH access through TCP port 22 with encryption symbols.

What Can You Do with SSH on Port 22?

SSH on Port 22 supports several useful features.

  •  Remote shell access: log in and run commands on another computer as if you’re sitting at it.
  •  Secure file transfer: use SFTP or SCP to upload and download files safely.
  •  Port forwarding (tunneling): secure traffic for other services via local, remote or dynamic port forwarding tunnels.
  •  X11 forwarding and GUI forwarding (particularly on Unix-like systems) so graphical applications can run remotely.
  •  Secure internal access: SSH tunnels let you connect securely to internal applications or bypass firewalls.

Main Benefits of SSH over Port 22

  •  Confidentiality: All traffic is encrypted no one can intercept passwords or commands.
  • Integrity: Data includes MACs (message authentication codes) ensuring it isn’t altered on the way.
  • Authentication: Secure key-based authentication ensures both client and server are verified.
  • Versatility: Use SSH for remote command execution, file transfer, tunneling and port forwarding.

SSH Authentication Methods

SSH supports two main ways to authenticate:

1. Password-based login:

You type a username and password.

2.  Public key authentication:

Your public key is saved on the server, while the private key remains safely on your local device. During connection, the server confirms your identity without requiring you to send a password. This is stronger and preferred.

SFTP and SCP: File Transfer Over Port 22

SSH isn’t just for remote access, it’s used to transfer files through.

1. SFTP

a secure file transfer protocol built on SSH, letting you manage, upload and download files over the same encrypted connection.

2. SCP

secure copy, a simpler command-line tool for file transfer that also uses SSH for security.
Both work over Port 22 unless manually changed.

Port Forwarding: Tunneling Services via Port 22

SSH port forwarding (also known as tunneling) lets you route network traffic through your SSH connection.

  •  Local port forwarding: forward a port on your computer to a port on a remote host via SSH.
  •   Remote port forwarding: enables a remote server to initiate a connection back to your local machine.
  •  Dynamic port forwarding:   sets up a SOCKS proxy so multiple applications can route through one SSH connection.
    This is useful for securely accessing internal services or bypassing network restrictions.

 Why Port 22 Was Chosen?

Tatu Ylönen, the creator of SSH, chose port 22 in 1995 because it sat conveniently between Telnet (port 23) and FTP (port 21). He wanted a standard port number that was free and symbolic so SSH could replace those unsecured protocols.

Security Risks of Using Port 22

Because Port 22 is well-known, attackers often scan for it to launch brute-force or automated login attacks. Common issues include.

  • Default root login enabled: giving attackers full privileges.
  • Weak passwords: making brute attacks easier.
  • Outdated cryptographic settings: using weak algorithms or protocols like SSH 1 which has documented vulnerabilities.
  • Back tunneling misuse: SSH tunnels becoming hidden backdoors or bypassing corporate policy.

Best Practices for Securing SSH (Port 22)

To make SSH over Port 22 more secure.

  •  Disable password login: and use only key-based authentication.
  •  Disable root login: (PermitRootLogin no).
  •  Use a non-standard port: (e.g. change SSH to listen on a higher port like 2222) to reduce automated attacks.
  •  Restrict access by IP: (using firewall rules or AllowUsers/AllowGroups).
  •  Use strong ciphers and algorithms, like AES, SHA 2 and Ed25519 keys.
  •  Enable logging and monitoring for login attempts.
  •  Implement tools: such as Fail2Ban to block multiple unsuccessful login attempts automatically.

When Should You Use a Different Port Instead of TCP Port 22?

While TCP Port 22 is the default for SSH, there are times when using a different port may improve security or bypass network restrictions.

  •  Avoiding automated attacks: Changing to a non-standard port (like 2222 or 5022) reduces exposure to bots that scan Port 22.
  •  Bypassing firewalls: Some networks block Port 22. In such cases, running SSH on Port 445 or another allowed port can help.
  •  Honeypot setups: Security teams may leave Port 22 open as a trap and run real SSH on another port.
  •  Multiple SSH services: Running different SSH instances for development, production or sandbox environments on different ports.
  • To switch the port, update the sash config file and restart the SSH service to apply the changes.

Troubleshooting Common Issues with TCP Port 22

Despite its reliability, SSH over TCP Port 22 can sometimes fail to connect. Here are common issues and how to fix them.

  •  Port blocked by firewall: Ensure Port 22 is open on both the server and network firewalls.
  •  SSH service not running: Restart the SSH service using sudo systemctl restart ssh or sshd depending on your system.
  •  Changed port: If SSH was configured to use a different port, update your SSH client to match (e.g. ssh -p 2222 user@host).
  •  IP restrictions: Confirm your IP isn’t blocked by firewall rules or hosts. Deny settings.
  •  Wrong credentials or keys: Double-check usernames, passwords, or SSH key permissions.
  •  Network issues: Verify server availability using ping or telnet host 22.
    Proactively monitoring logs (/var/log/auth.log or /var/log/secure) helps identify and resolve SSH-related issues quickly.

How TCP and Port Numbers Work?

TCP (Transmission Control Protocol) provides reliable streaming between client and server with the well-known three-way handshake (SYN, SYN-ACK, ACK) before actual data flows. Port numbers let multiple services run simultaneously on one device. Port 22 is reserved for SSH and ensures your encrypted tunnel arrives exactly at the SSH service.

Comparing SSH to Other Protocols

  • SSH vs Telnet: Telnet sends everything in plain text so it’s insecure; SSH encrypts to protect passwords and commands.
  •  SSH vs FTP: FTP is unencrypted; SFTP (SSH File Transfer Protocol) encrypts file transfers over Port 22.
  •  SSH vs HTTPS: While HTTPS generally operates on port 443 to secure web traffic, SSH can be configured to use port 443 as a tunnel when port 22 is inaccessible.

Common Use Cases of SSH on Port 22

  •  Remote server administration: System admins log into cloud servers or data center systems.
  •   DevOps and automation: SSH is utilized for running deployment scripts and managing servers efficiently.
  •  Secure file transfers: SFTP and SCP for moving files securely.
  •  Developer workflows: Tunneling local services (e.g. databases) securely over SSH.
  •  Cloud access: Using SSH tunnels or bastion hosts to access protected systems.

 Real World Risks About Port 22

Some devices or environments have default credentials or outdated SSH implementations listening on port 22. That can let attackers gain full control, escalate privileges or crash services just by scanning and exploiting SSH vulnerabilities. That’s why applying patches, disabling unnecessary SSH access and changing defaults is critical.

History of TCP Port 22 and SSH

In 1995, Finnish developer Tatu Ylönen created SSH (Secure Shell) to replace insecure tools like Telnet and FTP, which sent data without encryption. To standardize secure connections, he requested Port 22 from IANA, which officially assigned it to SSH.
This established Port 22 as the standard for encrypted remote access and file transfers. Over the years, SSH advanced into SSH-2, providing enhanced encryption and improved security. Today, Port 22 remains a critical part of secure server management, cloud computing and file transfers across networks.

Conclusion

TCP Port 22 serves as the default “gateway” for the SSH protocol, enabling secure remote access, encrypted file transfers and protected tunneling. SSH keeps your data private, verifies who you’re talking to and ensures nothing is tampered with. To use it safely, prefer key based logins, change the listening port, when possible, restrict access, keep systems updated and monitor who connects. Learning how SSH works, why Port 22 matters and how to harden it will give you strong, safe remote control over systems anywhere.

Alice
onAugust 7, 2025
Share
Previous Article

OnePlus Nord 5 review mid-range phone packed with AI power

Next Article

Apple Releases iOS 18.6 to Patch Critical Security Threats "Update Immediately"

Read Next

4 Min Read
Top Google Searches in 2022
Tech Bonafide
onJanuary 19, 2023

Top Google Searches in 2022

By 2023, it is estimated that Google will handle over 8.5 billion searches per day. This is an increase of over 20% from the current number of…
5 Min Read
Android 13
Tech Bonafide
onJanuary 19, 2023

Android 13

In 2022, Android 13 became stable for the first time, and since then, it has been rolling out too many of the best Android phones, with the…
6 Min Read
iPhone 14
Tech Bonafide
onJanuary 20, 2023

iPhone 14

The most affordable iPhone available right now is the Apple iPhone 14. Its processor shifts laterally, moving up to the ordinary iPhone from…