1) Set a very strong password. Memorize it and don't write it down anywhere.
2) Disable direct root login
    emacs /etc/ssh/sshd_config
Search for
    #PermitRootLogin yes
Set it as
    PermitRootLogin no
Restart ssh
    service sshd restart
3) Limit user login
    AllowUsers username
Restart ssh
    service sshd restart
4) Disable protocol 1
SSH supports two protocols. Protocol 1 is old and less secure, so enable only protocol 2.
Search for
    #Protocol 2 1
Set it as
    Protocol 2
5) Change ssh port to non standard port
    emacs /etc/ssh/sshd_config
Set the port
    # change_me
    Port 123
Restart ssh
    service sshd restart
Note: If you are running iptables, don't forget to open that port in iptables before you change it in sshd_config.
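Added example, not from the original post: a small shell audit that checks an sshd_config for the settings from steps 2 to 5 before you restart the service. The function names and the sample file are constructed for illustration, and the script assumes a flat config with no Match blocks.

```shell
#!/bin/sh
# Added example (not from the original post): audit an sshd_config for the
# settings from steps 2-5. Assumes a flat file with no Match blocks.

# values FILE KEYWORD: print every uncommented value of KEYWORD, one per line.
# sshd keywords are case-insensitive; lines starting with '#' are comments.
values() {
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

# check RESULT MESSAGE: print the outcome and count failures in $fails.
check() {
    if [ "$1" = ok ]; then echo "PASS  $2"; else echo "FAIL  $2"; fails=$((fails + 1)); fi
}

# audit_sshd_config FILE: print one line per check, return the failure count.
audit_sshd_config() {
    cfg=$1; fails=0

    # sshd uses the first value it sees for single-valued keywords.
    root=$(values "$cfg" PermitRootLogin | head -n 1)
    [ "$root" = no ] && r=ok || r=bad
    check "$r" "PermitRootLogin is '${root:-unset}' (want: no)"

    users=$(values "$cfg" AllowUsers | paste -sd ' ' -)
    [ -n "$users" ] && r=ok || r=bad
    check "$r" "AllowUsers is '${users:-unset}' (want: an explicit list)"

    proto=$(values "$cfg" Protocol | head -n 1)
    [ "$proto" = 2 ] && r=ok || r=bad
    check "$r" "Protocol is '${proto:-unset}' (want: 2)"

    # Port may be repeated and every listed port is opened; unset means 22.
    ports=$(values "$cfg" Port | paste -sd ' ' -)
    case " ${ports:-22} " in *" 22 "*) r=bad ;; *) r=ok ;; esac
    check "$r" "Port is '${ports:-unset}' (want: not 22)"

    return "$fails"
}

# Constructed sample: a file on which none of the steps has been applied yet.
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' '#Protocol 2 1' 'Port 22' > "$sample"
audit_sshd_config "$sample" || echo "$? check(s) failed"
rm -f "$sample"
```

On a live host, running `sshd -t` before `service sshd restart` also catches syntax errors that could otherwise lock you out.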