SSH Port Checker
Test if SSH port is open and accessible on any server.
Client-side only — nothing leaves your browser
What is an SSH Port?
SSH (Secure Shell) uses port 22 by default for encrypted remote access to servers. When you can't connect via SSH, the first step is checking if the port is open and reachable. This tool tests TCP connectivity from our servers to your target, helping diagnose firewall issues, misconfigurations, or network problems.
Common SSH Ports
| Port | Usage |
|---|---|
| 22 | Default SSH port (IANA assigned) |
| 2222 | Common alternative (Docker, dev environments) |
| 22222 | Secondary alternative for security through obscurity |
| 443 | SSH over HTTPS port (bypasses restrictive firewalls) |
Why is my SSH port closed?
- •SSH service not running — Check with
systemctl status sshd - •Firewall blocking — Check iptables, ufw, or cloud security groups
- •Wrong port — SSH might be configured on a non-standard port in /etc/ssh/sshd_config
- •NAT/Router issue — Port forwarding may not be configured for internal servers
- •Server offline — The machine might be powered off or unreachable
Frequently Asked Questions
Is SSH TCP or UDP?
SSH uses TCP exclusively (not UDP) because it requires reliable, ordered delivery for secure shell sessions. TCP's connection-oriented nature ensures encrypted data arrives intact and in sequence, which is critical for interactive terminal sessions. The default port is TCP 22.
Is SSH port 22 secure to expose to the internet?
Port 22 itself is secure when SSH is properly configured. However, exposing it invites brute-force attacks. Best practices include: using key-based authentication (disable passwords), implementing fail2ban, using a non-standard port, and restricting access via firewall rules to known IPs when possible.
What's the difference between 'closed' and 'filtered'?
A 'closed' port responds with a TCP RST packet — the port is reachable but nothing is listening. A 'filtered' port gives no response (timeout) — usually a firewall is dropping packets silently. Both prevent SSH connections, but filtered suggests firewall configuration, while closed suggests the SSH service isn't running.
Can I SSH over port 443 to bypass firewalls?
Yes, many restrictive networks (hotels, airports) only allow ports 80 and 443. You can configure SSH to listen on 443 if you don't need HTTPS on that server. Tools like sslh can multiplex SSH and HTTPS on the same port by detecting the protocol.
Why does the port show open but I still can't connect?
An open port means the TCP connection succeeds, but SSH authentication is separate. Issues could include: wrong username, SSH key not accepted, password authentication disabled, user not in AllowUsers list, or SSH banner exchange failing due to protocol mismatch.
Related Tools
Need to manage SSH connections?
SSH Workbench lets you connect, browse files, and manage servers visually.
Try SSH Workbench Free