Nobody likes to log into their server and see this!
[andy@bashful ~]$ ssh [email protected]
Last failed login: Sun Feb 8 16:31:28 UTC 2015 from 218.65.30.73 on ssh:notty
There were 31673 failed login attempts since the last successful login.
Last login: Tue Feb 3 19:26:42 2015
[root@bashful ~]#
Over 31,000 failed root login attempts in just a few days!
Disable Root Logins
By default (on my system at least), root logins are enabled. Before you disable root logins, make sure you have set up a regular user and can successfully log in as that user with either a strong password or key-based authentication.
[root@bashful ~]# vim /etc/ssh/sshd_config
To change the default setting, search for the following line and remove the leading # that comments it out…
#PermitRootLogin yes
…and change the value to no like so.
PermitRootLogin no
Don’t forget to restart SSH.
[root@bashful ~]# systemctl restart sshd.service
Lock-down SSH by User
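Add each user that is allowed to log in over SSH to the AllowUsers list. Once the directive is present, any user not on the list is refused, so include the account you administer the server with.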
[root@bashful ~]# vim /etc/ssh/sshd_config
Add the AllowUsers directive followed by a list of users.
AllowUsers andy james phil sally sarah harry
Again, you need to restart the service.
[root@bashful ~]# systemctl restart sshd.service
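A check to run against the edited file before either restart above, as an added example that is not part of the original post: it confirms that PermitRootLogin is really set to no (not still commented out) and that your own account is in AllowUsers. The function names are hypothetical, and it assumes a single sshd_config with no Include, Match, DenyUsers or AllowGroups lines.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Assumes one sshd_config file
# with no Include, Match, DenyUsers or AllowGroups lines.

# Print the arguments of the first uncommented occurrence of a keyword.
# Keywords are matched case-insensitively; lines starting with # are skipped.
first_value() {  # usage: first_value KEYWORD FILE
    awk -v k="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ { next }
        tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$2"
}

# Return 0 if USER matches an AllowUsers entry, or if no list is set.
# Only the first AllowUsers line is read, and USER@HOST entries never
# match, so the check errs on the side of reporting a lockout.
user_allowed() {  # usage: user_allowed USER FILE
    local list pat
    list=$(first_value AllowUsers "$2")
    [ -z "$list" ] && return 0
    set -f                      # stop * and ? in entries from globbing files
    for pat in $list; do
        case "$1" in $pat) set +f; return 0 ;; esac
    done
    set +f
    return 1
}

# 0 = safe to restart, 1 = root login not disabled, 2 = USER locked out.
audit_sshd_config() {  # usage: audit_sshd_config FILE USER
    local prl
    prl=$(first_value PermitRootLogin "$1" | tr 'A-Z' 'a-z')
    if [ "$prl" != "no" ]; then
        echo "PermitRootLogin is '${prl:-unset}', expected 'no'" >&2
        return 1
    fi
    if ! user_allowed "$2" "$1"; then
        echo "$2 is not in AllowUsers and would be locked out" >&2
        return 2
    fi
    echo "ok: root login disabled, $2 may still log in"
}
```

Run it as audit_sshd_config /etc/ssh/sshd_config andy and restart only on a zero exit status. On the server itself, sshd -t checks the file for syntax errors and sshd -T prints the effective configuration; keep the current session open until a fresh login as the regular user succeeds.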
For additional security you could of course change the port to something other than the default TCP 22, but in this example, I simply don’t bother.