ssh

  • Security Tip: Disable Root SSH Login and change the default port

    Find and edit sshd_config file:

    sudo vi /etc/ssh/sshd_config

    Find the line with PermitRootLogin. This value is default to yes, change it to no. This ensures that root cannot login through ssh. Now an attacker must know your username(s) instead!

    Next, find the line with Port. Default is 22. Change this to whatever you want (just ensure that you do not have another service running here). E.g. change it to 10101

    Now all you need to do is to reload the sshd service:

    sudo /etc/init.d/ssh restart

    This means nobody can brute force your root login and even if they could, they would still need to find the port on which the service is running - a little more secure setup.