Port 20022 belongs to the registered ports range (1024-49151), a middle tier of port assignments managed by the Internet Assigned Numbers Authority (IANA). Unlike well-known ports (0-1023) that require formal approval and privileged access, registered ports are available for applications and services that need a stable, recognizable port number but don't require special system privileges.12
Port 20022 has no official assignment. IANA's registry shows it as unassigned—no protocol claims it, no RFC defines it, no company registered it. It's an empty door in the hallway.
The Unofficial Use: SSH and SFTP
Despite having no formal assignment, port 20022 has found practical use as an alternate SSH and SFTP port. System administrators configure SSH servers to listen on port 20022 instead of (or in addition to) the default port 22.34
Why move SSH to a different port? The standard port 22 is constantly hammered by automated bots scanning the Internet for vulnerable SSH servers. Changing to port 20022 or similar high-numbered ports reduces this noise—fewer failed login attempts in your logs, less bandwidth wasted on bot traffic, quieter security alerts.56
This is security through obscurity, and every security professional will tell you the same thing: it's not a primary defense. A determined attacker can port-scan your server and find SSH on port 20022 just as easily as port 22. The protocol is the same. The vulnerabilities are the same. The need for strong authentication remains the same.7
But obscurity does reduce automated attacks. Most bots target port 22 because that's where SSH usually lives. Moving to port 20022 makes you invisible to the laziest attackers—which, statistically, is most of them.
Real Security Measures
If you're running SSH on port 20022, that change should be accompanied by actual security measures:8
- Public key authentication instead of passwords
- Fail2ban or similar tools to block repeated failed login attempts
- Strong passwords if you must use password authentication
- Firewall rules limiting which IP addresses can connect
- Regular security updates to patch SSH vulnerabilities
The port number is the least important item on that list.
How to Check What's Listening on Port 20022
If you want to see what service (if any) is using port 20022 on your system:
On Linux or macOS:
On Windows:
If nothing returns, the port is available. If you see a process ID, that's what's using it.
To test if a remote server has port 20022 open:
Why Unassigned Ports Matter
The existence of unassigned ports like 20022 creates flexibility in the port number system. Not every service needs official blessing from IANA. Sometimes you just need a port that won't conflict with anything else—for SSH, for a custom application, for internal services that will never touch the public Internet.
The registered ports range (1024-49151) serves as a commons—officially available for registration, but also available for informal use when you need a stable number and nothing else is using it. Port 20022 is one of thousands of these empty doors, and SSH administrators have collectively decided it's a useful place to run their service.
It's spontaneous order in the Internet's nervous system. No RFC required.
The Reality
If you see traffic on port 20022, it's probably SSH or SFTP. If you're setting up an alternate SSH port and want to avoid conflicts, 20022 is a reasonable choice—it's memorable (20022 ≈ 2×port 22), it's in the registered range, and it's high enough to avoid most well-known services.
Just remember: the port number is camouflage, not armor. Real security comes from strong authentication, careful configuration, and staying current with patches. Port 20022 might reduce the noise, but it won't stop someone who's actually looking for you.
Esta página foi útil?