Friedrich Ewald My Personal Website

Improving security for SSH

There are two things to increase the security for ssh logins.

Change SSH Port

To change the SSH port, simply edit the sshd_config file with the commmand sudo nano /etc/ssh/sshd_config and change the line Port 22 to something higher. Make sure to stay below 65,000 and don’t use any port which is already used by another service like 80 (web). After changing and saving the file, simply restart the ssh daemon and reload the configuration with sudo /etc/init.d/ssh reload. Done.

Disable password based login for SSH

To disable the password based login for all the users, you can do the following:
# Open the sshd config file
sudo nano /etc/ssh/sshd_config
Disable password authentication with the following settings:
ChallengeResponseAuthentication no
Allow private public key authentication with the following:
RSAAuthentication yes
PubkeyAuthentication yes
Once this is done, restart the SSH daemon to apply the settings.
/etc/init.d/sshd restart
Additional information can be found here.

About the author

is an experienced Software Engineer with a Master's degree in Computer Science. He started this website in late 2015, mostly as a digital business card. He is interested in Go, Python, Ruby, SQL- and NoSQL-databases, machine learning and AI and is experienced in building scalable, distributed systems and micro-services at multiple larger and smaller companies.