For an internet facing SSH server, it is probably common practice to have sshd listening on a non-standard port. Coupled with key pair authentication, this reduces the profile you present to simple brute force attacks.
Connecting to a SSH server on a non standard port is relatively simple:
ssh -p
You may however need to copy files from the SSH server on an alternate port. Easy:
scp -P
But what happens if you’re using a proprietary client other than scp from the console that won’t support non standard ports?
The simplest way to do this I found is with port forwarding.
First, and you will need to be root to do this, forward the priveleged port 22 on your local machine to the remote port on the target:
sudo ssh -p
Then after that your client can just talk to localhost and it will be bound to the forwarded port on the remote host:
scp username@127.0.0.1:/path/to/remote/file ~/home/path/to/local/file
Now your proprietary apps can talk merrily away. By the way, this is an extremely good method for running Microsoft RDP sessions over a secure SSH tunnel:
ssh -p
Then just use remote desktop but point it to local host:
mstsc /v:127.0.0.1