Internet-Security.com TCP port 22 details

TCP port 22 is primarily used by the Secure Shell (SSH) protocol via servers like OpenSSH, Dropbear SSH, and Tectia SSH on Linux/Unix, macOS (Remote Login), Windows (OpenSSH Server), and many embedded systems.
Network gear from Cisco IOS, Juniper Junos, Arista EOS, and Ubiquiti commonly exposes SSH on port 22 for remote CLI management.
SFTP (SSH File Transfer Protocol) runs as an SSH subsystem on port 22, used by clients such as WinSCP, FileZilla, Cyberduck, and OpenSSH sftp.
SCP file transfers use SSH on port 22 via tools like OpenSSH scp and PuTTY’s PSCP.
Developers use Git over SSH on port 22 with GitHub, GitLab, and Bitbucket, and Mercurial over SSH with platforms like Heptapod or self-hosted servers.
rsync often uses SSH transport on port 22 (e.g., rsync -e ssh) for secure synchronization.
Automation tools including Ansible (SSH), Salt-SSH, Fabric, and Capistrano connect over TCP 22 to run remote commands.
VMware ESXi, Synology and QNAP NAS devices, and cloud VMs (AWS EC2, Azure, GCP) commonly enable SSH on port 22 for administration.
Mosh initializes sessions via SSH on port 22 before switching to its UDP channels, and SSH tunneling/port forwarding typically enters via 22.
Security note: Port 22 is a frequent target for brute-force login attempts and scans by botnets, and compromised/default credentials or unpatched SSH services (e.g., outdated OpenSSH/Dropbear builds) are commonly exploited.

TCP 22