How to restrict and secure SSH access?

To restrict and secure SSH access, bind SSHD to a single IP that is different than the main IP to the server, and on a different port than port 22.

SSH into server and login as root user

Once logged in in command prompt type:

root@admin[]#pico /etc/ssh/sshd_config

Scroll down to the section of the file that looks like this:
Code:

#Port 22
#Protocol 2, 1
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment and change

#Port 22

to look like

Port 5678 (choose your own 4 to 5 digit port number (49999 is the highest port number)

Uncomment and change

#Protocol 2, 1

to look like remove 1 from above line

Protocol 2

Uncomment and change

#ListenAddress 0.0.0.0

to look like as follows

ListenAddress 115.186.0.2 (use one of your own IP Addresses that has been assigned to your server,if you are not sure about your local machine ip then browse the URL  http://whatismyip.com/)

Note 1: If you would like to disable direct Root Login, scroll down until you find

#PermitRootLogin yes

and uncomment it and make it look like

PermitRootLogin no

Save by pressing Ctrl o on your keyboard, and then exit by pressing Ctrl x on your keyboard.

Once file save restart SSHD service

root@admin[]# /etc/rc.d/init.d/sshd restart

Do not Logout from current SSH first try to connect Server from duplicate session , and then re-login to SSH using the new IP or nameserver, and the new port.

About Anant 386 Articles
Senior technical writer