diff --git a/common/diagnostics.go b/common/diagnostics.go
index 4193c19..21b75e5 100644
--- a/common/diagnostics.go
+++ b/common/diagnostics.go
@@ -25,3 +25,20 @@ func SendDiagnostics(context *glsp.Context, uri protocol.DocumentUri, diagnostic
 	)
 }
 
+func DiagnoseOption(
+	context *glsp.Context,
+	uri protocol.DocumentUri,
+	parser *SimpleConfigParser,
+	optionName string,
+	checkerFunc func (string, SimpleConfigPosition) []protocol.Diagnostic,
+) []protocol.Diagnostic {
+	option, err := parser.GetOption(optionName)
+
+	if err != nil {
+		// Nothing to diagnose
+		return nil
+	}
+
+	return checkerFunc(option.Value, option.Position)
+}
+
diff --git a/handlers/openssh/diagnose-ssh-options.go b/handlers/openssh/diagnose-ssh-options.go
new file mode 100644
index 0000000..0aaef6b
--- /dev/null
+++ b/handlers/openssh/diagnose-ssh-options.go
@@ -0,0 +1,52 @@
+package openssh
+
+import (
+	"config-lsp/common"
+
+	"github.com/tliron/glsp"
+	protocol "github.com/tliron/glsp/protocol_3_16"
+)
+
+func DiagnoseSSHOptions(
+	context *glsp.Context,
+	params *protocol.DidChangeTextDocumentParams,
+) []protocol.Diagnostic {
+	diagnostics := make([]protocol.Diagnostic, 0)
+
+	diagnostics = append(
+		diagnostics, 
+		common.DiagnoseOption(
+			context,
+			params.TextDocument.URI,
+			&Parser,
+			"Port",
+			func (value string, position common.SimpleConfigPosition) []protocol.Diagnostic {
+				if (value == "22") {
+					severity := protocol.DiagnosticSeverityWarning
+
+					return []protocol.Diagnostic{
+						{
+							Range: protocol.Range{
+								Start: protocol.Position{
+									Line: position.Line,
+									Character: uint32(len("Port ")),
+								},
+								End: protocol.Position{
+									Line: position.Line,
+									Character: uint32(len("Port " + value)),
+								},
+							},
+							Severity: &severity,
+							Message: "Port should not be 22 as it's often enumarated by attackers",
+						},
+					}
+				}
+
+				return []protocol.Diagnostic{}
+			},
+		)...
+	)
+
+	return diagnostics
+}
+
diff --git a/handlers/openssh/text-document-did-change.go b/handlers/openssh/text-document-did-change.go
index 072c19d..ff14a02 100644
--- a/handlers/openssh/text-document-did-change.go
+++ b/handlers/openssh/text-document-did-change.go
@@ -34,6 +34,8 @@ func TextDocumentDidChange(context *glsp.Context, params *protocol.DidChangeText
 		)...,
 	)
 
+	diagnostics = DiagnoseSSHOptions(context, params)
+
 	if len(diagnostics) > 0 {
 		common.SendDiagnostics(context, params.TextDocument.URI, diagnostics)
 	} else {