Securing an SSH Server

Nobody likes to log into their server and see this!

[andy@bashful ~]$ ssh [email protected]
Last failed login: Sun Feb  8 16:31:28 UTC 2015 from 218.65.30.73 on ssh:notty
There were 31673 failed login attempts since the last successful login.
Last login: Tue Feb  3 19:26:42 2015
[root@bashful ~]# 

Over 31,000 failed root login attempts in just a few days!!

Disable Root Logins

By default (on my system at least), root logins are enabled. Before you disable root logins, make sure you have set up a regular user and can successfully log in as that user with either a strong password or key-based authentication.

[root@bashful ~]# vim /etc/ssh/sshd_config

To change the default setting, search for the following line and remove the leading # that comments it out…

#PermitRootLogin yes

…and change the value to no like so.

PermitRootLogin no

Don’t forget to restart SSH.

[root@bashful ~]# systemctl restart sshd.service

Lock Down SSH by User

Add each user that is allowed to log in using SSH to the AllowUsers list.

[root@bashful ~]# vim /etc/ssh/sshd_config

Add the AllowUsers directive followed by a list of users.

AllowUsers andy james phil sally sarah harry

Again, you need to restart the service.

[root@bashful ~]# systemctl restart sshd.service
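
A check for the two edits above, added here as an example and not part of the original post. The function name audit_sshd_config and its OK/WARN/FAIL output are assumptions of this example, and it assumes whitespace-separated directives. It also covers cases the steps do not mention: a PermitRootLogin line that appears twice (sshd uses the first value it reads), directives placed after a Match line, and Include files, which it flags but does not follow.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config file.
# Returns 0 only if PermitRootLogin is "no" and an AllowUsers list exists.
audit_sshd_config() {
    awk '
        # Blank lines and comments (e.g. "#PermitRootLogin yes") have no effect.
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            key = tolower($1)              # keywords are case-insensitive
            # Directives after a Match line are conditional; audit globals only.
            if (key == "match") exit
            if (key == "include") printf "WARN line %d: Include not followed\n", NR
            if (key == "permitrootlogin") {
                # sshd keeps the first value it reads for a keyword.
                if (root == "") root = tolower($2)
                else printf "WARN line %d: later PermitRootLogin %s is ignored\n", NR, $2
            }
            if (key == "allowusers") {     # repeated AllowUsers lines accumulate
                for (i = 2; i <= NF; i++) users = users (users == "" ? "" : " ") $i
            }
        }
        END {
            rc = 0
            if (root == "no") print "OK   PermitRootLogin no"
            else if (root == "") { print "FAIL PermitRootLogin not set, default applies"; rc = 1 }
            else { print "FAIL PermitRootLogin " root; rc = 1 }
            if (users == "") { print "FAIL AllowUsers not set"; rc = 1 }
            else print "OK   AllowUsers " users
            exit rc
        }
    ' "$1"
}

# Run against a file when one is given, e.g. sh audit.sh /etc/ssh/sshd_config
if [ -n "${1:-}" ]; then audit_sshd_config "$1"; fi
```

Running `sshd -t` before the restart catches syntax errors that this audit does not look for. Keep the current session open until a new login as a regular user succeeds.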

For additional security you could of course change the port to something other than the default TCP 22, but in this example, I simply don’t bother.
