Wednesday, 6 July 2016

Make Raspberry Pi More Secure

A couple of simple steps to make Linux (sshd) secure shell more secure, as a follow up to my previous post about setting up ssh access with a secure key:

a) Change the default port

In order to change the default port we need to edit our ssh configuration file and change the default port from 22 to something else:

sudo nano /etc/ssh/sshd_config

Port 22

b) Disable the password

The password is still a vulnerability, so it's best to either change it to something very secure (long and highly randomized) or to disable it completely and limit access to the ssh key itself. To do this we edit the following line in the sshd_config:

# Change to no to disable tunnelled clear text passwords

PasswordAuthentication no