To restrict and secure SSH access, bind SSHD to a single IP that is different than the main IP to the server, and on a different port than port 22.
SSH into server and login as root user
Once logged in in command prompt type:
root@admin[]#pico /etc/ssh/sshd_config
Scroll down to the section of the file that looks like this:
Code:
#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::
Uncomment and change
#Port 22
to look like
Port 5678 (choose your own 4 to 5 digit port number (49999 is the highest port number)
Uncomment and change
#Protocol 2, 1
to look like remove 1 from above line
Protocol 2
Uncomment and change
#ListenAddress 0.0.0.0
to look like as follows
ListenAddress 115.186.0.2 (use one of your own IP Addresses that has been assigned to your server,if you are not sure about your local machine ip then browse the URL http://whatismyip.com/)
Note 1: If you would like to disable direct Root Login, scroll down until you find
#PermitRootLogin yes
and uncomment it and make it look like
PermitRootLogin no
Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.
Once file save restart SSHD service
root@admin[]# /etc/rc.d/init.d/sshd restart
Do not Logout from current SSH first try to connect Server from duplicate session , and then re-login to SSH using the new IP or nameserver, and the new port.
