If you’ve ever wondered how to edit your SSH configuration on your VPS or dedicated server then look no further! This short tutorial will show you some basic changes you can make to your SSH configuration to improve security and help to teach you more about the software you’re using.
First off, start by logging into your VPS via SSH. If you don’t know how to do this then I suggest going to find a tutorial on how to.
If you don’t have a basic understanding of how to use commands on your system then you may find this tutorial hard to follow.
Once you are logged into the system go ahead and edit this file “/etc/ssh/sshd_config“. You may use whichever file editor you prefer, from here on out we will be using “vi”.
Here is what we would type:
root@semoweb-vps [~]$ vi /etc/ssh/sshd_config
Typing this should bring up a screen similar to this one:
Changing the port
Now that you’ve got the configuration file open let’s go ahead and edit a few values. Let’s start with the SSH port.
Find the line that says #Port 22
– Remove the “#” and type whichever port you’d like it to be, make sure not to assign it to a port that is in use already.
For instance, we’d do it like so: Port: 8192
(make sure to remove the hash! – #)
Always make sure to check your firewall to see if the port you set is allowed through, otherwise you will end up blocking yourself out of your system.
Disallow root login and password logins
If you have another user on your system that you’d like to login instead of using root then you can set SSH to disallow root login. Here’s how…
Find this line on your configuration file:
#PermitRootLogin yes
Change it to this to disable root login on your machine.
PermitRootLogin no
– Don’t forget to remove the #!
To further security you can disable password logins as well, go ahead and change this line:
PasswordAuthentication yes
To this:
PasswordAuthentication no
Lastly, to apply all the changes that you’ve made, you need to save the file and then restart the SSH service as shown below.
service sshd restart
If you have any other tips on what you think is best to edit on the default SSH configuration then let us know in the comments below!
Test out all the settings yourself.