Dedicated Server with SSH access can create problems for your server can it can be hacked easily thus as owner of your server you need to protect it from intruders accessing your server. You can follow following steps for securing your server having SSH access.
Its always better and recommended to bind sshd to a single IP which should be different from your serve main IP address and should be on different port then 22.
Just follow below steps for securing your SSH server.
SSH into your server using root as your login. You need to use following command at command prompt : pico -w /etc/ssh/sshd_config
You need to find following section
#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::
Uncomment and change #Port 22 to look like Port 3999 (You can choose any 4 to 5 digit port number as per your choice (49151 is the highest port number)
Uncomment and change #Protocol 2, 1 to Protocol 2
Uncomment and change #ListenAddress 0.0.0.0 to ListenAddress 198.32.78.112 (You need to use any one of your own IP that has been assigned to your server)
For some reason if you want to disable direct ROOT login you need to follow following instructions :
Find following code :
#PermitRootLogin yes and uncomment it and make it look like PermitRootLogin no
You need to save this using Ctrl O and then exit using Ctrl X.
Now its time to restart SSH. You can restart SSH using following command at command prompt type: /etc/rc.d/init.d/sshd restart
You need to exit SSH and need to relogin to SSH with new IP and using new port.
Posted under Linux cPanel Hosting, Reseller Hosting, cpanel Hosting, cpanel hosting tips
This post was written by MATIC Actuators on August 31, 2008
