All of the changes in this thread are made in the file /etc/ssh/sshd_config. After editing it, restart SSH with the command:
Code:
service sshd restart
1. Change SSH port
By default, the SSH server uses port 22 to receive connections, and it is the port that scanners always target for brute-force attacks. Therefore, do not use the default port 22; change it to a different port, such as 5879. Also note that the port number must be less than or equal to 4 digits and should not conflict with a port used by other software.
To change the SSH port, find:
Code:
#Port 22
Remove the comment mark and replace 22 with the port you want to use:
Code:
Port 5879
2. Do not sign in with the root user
The root user is always very sensitive, so if possible, use a different user to log in and then use the su command to switch to the root user.
Note: Please set a password for the root user first. Keep in mind that even if you use an SSH key and do not allow login with a password, the password is still used as normal when switching users.
First, create a user:
Code:
useradd forumwebhosting
And set the password for this user:
Code:
passwd forumwebhosting
If you want to use an SSH key for this user, log on to the server as the user you have just created and create an SSH key for it.
Next, configure SSH so that the root user is not allowed to log in, by opening the file /etc/ssh/sshd_config and finding:
Code:
#PermitRootLogin yes
Edit it to:
Code:
PermitRootLogin no
Finally, add this at the end of the file to allow the user forumwebhosting to log in to SSH:
Code:
AllowUsers forumwebhosting
From now on, you can log on to SSH as the user forumwebhosting, type the su command, and enter the root password to switch to the root user. The downside is that this does not apply to SFTP.
3. Only allow SSH login from a fixed IP
If you use a dynamic IP, do not try this, but if you have a static IP address, it is possible to use it to combat illegal logins. Just insert the following:
Code:
ListenAddress 123.45.678
Besides these ways, I am looking forward to hearing the ways that you are applying to secure your Linux server.
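A way to confirm that the Port, PermitRootLogin and AllowUsers edits described in the post are actually active (a line that still starts with # has no effect), added here as an example and not part of the original post. The function names `sshd_values` and `audit_sshd_config` are made up for illustration, and the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): check that the edits above are active.
# Assumptions: whitespace-separated "Keyword value" lines; Include files and
# Match blocks are not followed. On a live host, `sshd -T` prints the
# configuration sshd actually uses.

# Print each value set for keyword $2 in file $1 (keywords are case-insensitive).
sshd_values() {
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # comment or blank: no effect
        tolower($1) == "match"   { exit }   # stop at the first Match block
        tolower($1) == want      { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

# Print one PASS/FAIL line per setting; return 1 if any check fails.
audit_sshd_config() {
    cfg=$1; rc=0
    ports=$(sshd_values "$cfg" Port)
    # With no active Port line sshd uses its default, 22.
    if [ -z "$ports" ] || printf '%s\n' "$ports" | grep -qx 22; then
        echo "FAIL Port: sshd listens on 22"; rc=1
    else
        echo "PASS Port: $ports"
    fi
    # sshd keeps the first value it reads for PermitRootLogin.
    root=$(sshd_values "$cfg" PermitRootLogin | head -n 1)
    if [ "$root" = "no" ]; then
        echo "PASS PermitRootLogin: no"
    else
        echo "FAIL PermitRootLogin: ${root:-not set}"; rc=1
    fi
    users=$(sshd_values "$cfg" AllowUsers)
    if [ -n "$users" ]; then
        echo "PASS AllowUsers: $users"
    else
        echo "FAIL AllowUsers: not set"; rc=1
    fi
    return "$rc"
}

# Constructed sample: the file as it looks after steps 1 and 2 of the post.
sample=$(mktemp)
printf '%s\n' '#Port 22' 'Port 5879' '#PermitRootLogin yes' \
    'PermitRootLogin no' 'AllowUsers forumwebhosting' > "$sample"
audit_sshd_config "$sample"
rm -f "$sample"
```

To check the real file, call `audit_sshd_config /etc/ssh/sshd_config` before restarting sshd.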