Open Port 22 (SSH): How to Check if It Is Open and Secure

📅 Updated: June 2026 SSH Port 22 Linux Security
Open Port 22 SSH

SSH (Secure Shell) is one of the most widely used protocols for remote server administration. Whether you manage Linux servers, cloud instances, Raspberry Pi devices, VPS infrastructure, or homelab environments, SSH is likely your primary remote access method.

🚀 Test Port 22 From the Internet

Verify whether SSH is actually reachable before modifying firewalls or router settings.

Check Port 22 →

What Is Port 22?

Port 22 is the default TCP port used by SSH. It provides encrypted remote access, secure file transfers via SCP and SFTP, and administrative control over servers and network devices.

Why Check if Port 22 Is Open?

Common scenarios include troubleshooting failed SSH connections, validating new port-forwarding rules, confirming cloud firewall configuration, and auditing server exposure.

Step 1: Verify Your Public IP Address

Before testing connectivity, verify the public IP address assigned to your network. Dynamic IP changes frequently cause confusion when troubleshooting remote access.

Step 2: Test Port 22 Externally

Use the myIP.casa Port Checker to test your public IP and port 22 from outside your network. External testing avoids false positives caused by local routing behavior.

Step 3: Confirm SSH Is Running

sudo systemctl status ssh
sudo systemctl status sshd
sudo ss -tlnp | grep :22

If no process is listening on TCP/22, the port cannot appear open.

Step 4: Review Firewall Rules

Check UFW, firewalld, nftables, iptables, cloud security groups, and hardware firewalls. Any of these can block SSH traffic before it reaches the service.

Common Reasons Port 22 Appears Closed

❌ SSH service stopped
❌ Firewall blocking TCP/22
❌ Incorrect port forwarding
❌ ISP restrictions
❌ Wrong public IP address

Port 22 Open but SSH Still Fails

An open port only means something is responding. Authentication failures, Fail2ban blocks, SSH configuration errors, IP restrictions, or cloud ACLs can still prevent access.

❌ Invalid credentials
❌ Fail2ban ban
❌ SSH listening on another port
❌ AllowUsers restrictions

Security Risks of Exposing SSH

Public SSH services receive continuous automated scanning and brute-force attempts. Secure exposed systems with key-based authentication, strong access controls, logging, and monitoring.

✅ Use SSH keys
✅ Disable password logins
✅ Enable Fail2ban
✅ Restrict by source IP
✅ Keep OpenSSH updated

Should You Change the SSH Port?

Changing the SSH port can reduce automated scanning noise but should never be considered a replacement for proper security controls. Strong authentication remains essential.

🚀 Investigate Network Connectivity

Trace the route between your device and server when SSH remains inaccessible.

Run Traceroute →

Final Checklist

✅ Verify public IP address
✅ Confirm SSH service is running
✅ Test port 22 externally
✅ Review firewall configuration
✅ Validate port forwarding
✅ Secure SSH with keys and Fail2ban

A simple external port test can save hours of troubleshooting and quickly identify whether the problem is the network, firewall, router, or SSH service itself.