diff --git a/admin/admin b/admin/admin
index 70af277de..0db70b6d8 100755
--- a/admin/admin
+++ b/admin/admin
@@ -209,7 +209,7 @@ function sshExec(ip, cmds) {
 var sshClient = new SshClient();
 sshClient.connect({
 host: ip,
- port: 919,
+ port: 22,
 username: 'root',
 privateKey: fs.readFileSync(privateKey)
 });
diff --git a/admin/cloudronLogin b/admin/cloudronLogin
index 8b92662fe..4e62de8c7 100755
--- a/admin/cloudronLogin
+++ b/admin/cloudronLogin
@@ -14,4 +14,4 @@ if [[ ! -f "${ssh_keys}" ]]; then
 exit 1
 fi
-ssh root@$1 -p 919 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ConnectTimeout=10 -i "${ssh_keys}"
+ssh root@$1 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o ConnectTimeout=10 -i "${ssh_keys}"
diff --git a/images/createDigitalOceanImage.sh b/images/createDigitalOceanImage.sh
index 11eef464c..4561c6f74 100755
--- a/images/createDigitalOceanImage.sh
+++ b/images/createDigitalOceanImage.sh
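Review bot: In admin/admin, `port: 22` is written straight into the options passed to `sshClient.connect`, so after this change sshExec cannot reach any host whose sshd still listens on 919, which is presumably every box built from an image made before this commit. Taking the port from one shared setting that defaults to 22, e.g. `port: sshPort,` (placeholder name), would keep older hosts reachable during the transition and avoid repeating the number in cloudronLogin and the firewall script. The options visible here also carry no host-key check; if SshClient is the ssh2 client, a `hostVerifier` callback is the place to pin the expected key before commands run as root. sshExec's body continues past the end of the hunk.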
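Review bot: In admin/cloudronLogin, the new ssh line still opens an interactive root session with `UserKnownHostsFile=/dev/null` and `StrictHostKeyChecking=no`, so the server's host key is never checked and the operator has no assurance that the machine answering is the intended box. Pointing `UserKnownHostsFile` at a dedicated file and using `-o StrictHostKeyChecking=accept-new` would at least pin the key after the first login. `$1` is also unquoted and unchecked, so an argument containing spaces is split into extra ssh arguments; `ssh "root@${1}" ...` avoids that. Only the tail of the script is visible in this hunk.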
@@ -145,16 +145,23 @@ echo "Copying installer source"
 cd "${INSTALLER_DIR}"
 git archive --format=tar HEAD | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "root@${droplet_ip}" "cat - > /root/installer.tar"
-echo "Copy over certs"
-scp -r -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "${INSTALLER_DIR}/../keys/installer/" "root@${droplet_ip}:/home/yellowtent/installer/src/certs/"
-scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "${INSTALLER_DIR}/../keys/installer_ca/ca.crt" "root@${droplet_ip}:/home/yellowtent/installer/src/certs/"
-
 echo "Executing init script"
 if ! ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "root@${droplet_ip}" "/bin/bash /root/initializeBaseUbuntuImage.sh ${installer_revision}"; then
 echo "Init script failed"
 exit 1
 fi
+echo "Copy over certs"
+scp -r -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "${INSTALLER_DIR}/../keys/installer/" "root@${droplet_ip}:/home/yellowtent/installer/src/certs/"
+scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "${INSTALLER_DIR}/../keys/installer_ca/ca.crt" "root@${droplet_ip}:/home/yellowtent/installer/src/certs/"
+
+echo "Shutting down droplet with id : ${droplet_id}"
+ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "${ssh_keys}" "root@${droplet_ip}" "shutdown -f now" || true # shutdown sometimes terminates ssh connection immediately making this command fail
+
+# wait 10 secs for actual shutdown
+echo "Waiting for 10 seconds for droplet to shutdown"
+sleep 30
+
 echo "Powering off droplet"
 power_off_droplet "${droplet_id}"
diff --git a/images/initializeBaseUbuntuImage.sh b/images/initializeBaseUbuntuImage.sh
index 2a849d214..a993b1524 100755
--- a/images/initializeBaseUbuntuImage.sh
+++ b/images/initializeBaseUbuntuImage.sh
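Review bot: In images/createDigitalOceanImage.sh, the two added `scp` lines send `keys/installer/` and the CA certificate (presumably key material) to the droplet with host-key checking switched off, so the script cannot tell whether it is handing them to the droplet it just created. Since every connection in this script goes to the same fresh host, the first ssh call could record the key in a temporary known-hosts file (`-o UserKnownHostsFile="${known_hosts}" -o StrictHostKeyChecking=accept-new`, with `known_hosts` a placeholder for a `mktemp` file), and the later calls, including these copies, would then verify against it. Separately, the added comment and echo say 10 seconds while the code runs `sleep 30`; make the text match, e.g. `echo "Waiting for 30 seconds for droplet to shutdown"`.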
@@ -39,7 +39,7 @@ iptables -P OUTPUT ACCEPT
 # NOTE: keep these in sync with src/apps.js validatePortBindings
 # allow ssh, http, https, ping, dns
 iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-iptables -A INPUT -p tcp --dport 919 -j ACCEPT # ssh
+iptables -A INPUT -p tcp --dport 22 -j ACCEPT
 iptables -A INPUT -p tcp -m tcp -m multiport --dports 80,443,886 -j ACCEPT
 iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
 iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
@@ -63,9 +63,6 @@ iptables -A INPUT -j LOGGING # last rule in INPUT chain
 iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7
 iptables -A LOGGING -j DROP
-echo "==== Move ssh to port 919 ==="
-sed -i "s/^Port .*/Port 919/" /etc/ssh/sshd_config
-
 echo "==== Install btrfs tools"
 apt-get -y install btrfs-tools
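Review bot: In the `-39,7` hunk of images/initializeBaseUbuntuImage.sh, the comment above the rules says they must stay in sync with `validatePortBindings` in src/apps.js, but no change to that file appears among the files shown here. If that function reserves the ssh port, it presumably still lists 919 and not 22, so an app could be allowed to claim a port the host itself relies on; please confirm it was updated in the same change. The new rule also drops the trailing `# ssh` label that the old line carried; keeping it, `iptables -A INPUT -p tcp --dport 22 -j ACCEPT # ssh`, keeps the rule list self-describing.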