SSH Hardening

SSH Hardening



1. Change Port number


Search for the line containing #Port 22
change the # and also change the port number to any other non using port.
Open the new port in the firewall.


2. Disable direct root logins at the SSH and Create another user for login to ssh.


Open ssh configuration file, /etc/ssh/sshd_config
Replace "Protocol 2, 1" to "Protocol 2" and uncomment
Replace "PermitRootLogin yes" to "PermitRootLogin no"

The following steps will create a new user for SSH login.

# useradd admin

# passwd admin

# usermod -g wheel admin

# chgrp wheel /bin/su

# chmod 6750 /bin/su


Restart SSH once you finished the above steps.

# /etc/init.d/sshd restart


Try to ssh to the new user with the new port...

Note: If you are using any firewall, allow the new ssh port in it

This entry was posted by Arun Ghosh. Bookmark the permalink.