Saturday, 6 July 2013

Ubuntu Server: SSH Hardening - Disable Root Login And Change Port.

  • The easiest way to secure SSH is to disable root login and change the SSH port to something different than the standard port 22. 
  • Before disabling the root login create a new SSH user and make sure the user belongs to the admin group (see step 4. below regarding the admin group).
  • If you change the SSH port also open the new port you have chosen on the firewall and close port 22.
  • Open a Terminal Window and enter :
sudo vi /etc/ssh/sshd_config
  • Change or add the following and save.
Protocol 2
PermitRootLogin no
DebianBanner no
  • Restart SSH server, open a Terminal Window and enter :
sudo /etc/init.d/ssh restart

No comments:

Post a Comment