How to secure your VPS SSH

youssefbasha

SN Confirmed Member
Hello,
I will tell you how to secure your vps ssh by changing port.
1st. Login with SSH (root)
2nd. Type this command
Code:
nano /etc/ssh/sshd_config
You will get this if you are using CentOS
Code:
GNU nano 2.3.1  File: /etc/ssh/sshd_config          
#       $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32$
# This is the sshd server system-wide configuration fi$# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/usr$
# The strategy used for options in the default sshd_co$# OpenSSH is to specify options with their default val$# possible, but leave them commented.  Uncommented opt$# default value.

# If you want to change the port on a SELinux system, $# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

                  [ Read 139 lines ]
^G Get He^O WriteO^R Read F^Y Prev P^K Cut Te^C Cur Pos^X Exit  ^J Justif^W Where ^V Next P^U UnCut ^T To Spel
Changw the port line to
Code:
Port 4/5NUMBERS HERE
And remove the #
EX:
Code:
Port 9988
And then click CTRL + O
And press Enter to save the directory
And then type this command
Code:
service sshd restart
And for Ubuntu do all of these steps but when you want to save do
Code:
service ssh restart
Now reboot or just exit from PuTTy and change the port to 9988 (the changed port) and re connect :)
Reply and rate!
 

hozzaq

New Member
you can also set ListenAddress to your IP if you have static IP address so only you can access, and create VPN on your home network if you travel a lot
 

yo po

New Member
Additionally, a stronger hash function by default is a good thing (sha2 512, or better should keep a would be attacker busy). As well, one may as well disable root login, disable password logins, disable forwarding, and use hosts allowed for key access!

edit:missing )
 
Top