A couple of simple steps to make Linux (sshd) secure shell more secure, as a follow up to my previous post about setting up ssh access with a secure key:
a) Change the default port
In order to change the default port we need to edit our ssh configuration file and change the default port from 22 to something else:
sudo nano /etc/ssh/sshd_config
Port 22
b) Disable the password
The password is still a vulnerability, so it's best to either change it to something very secure (long and highly randomized) or to disable it completely and limit access to the ssh key itself. To do this we edit the following line in the sshd_config:
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication no
No comments:
Post a Comment