linux how to Secure the SSH Daemon: ochange the listening Port to 2266 oallow only a single non privileged user to connect to the SSH server. oDisable root login entirely.
时间: 2024-02-23 11:59:44 浏览: 15
To secure the SSH daemon on a Linux system, you can follow these steps:
1. Change the listening port to 2266:
Edit the SSH daemon configuration file `/etc/ssh/sshd_config` and change the line `Port 22` to `Port 2266`. Then restart the SSH daemon by running `sudo systemctl restart sshd`.
2. Allow only a single non-privileged user to connect to the SSH server:
Edit the SSH daemon configuration file and add the following lines at the end of the file:
```
AllowUsers username
DenyUsers *
```
Replace `username` with the name of the user who should be allowed to connect. This will deny access to all users except for the specified user.
3. Disable root login entirely:
Edit the SSH daemon configuration file and change the line `PermitRootLogin yes` to `PermitRootLogin no`. This will prevent anyone from logging in as the root user via SSH.
After making these changes, remember to restart the SSH daemon by running `sudo systemctl restart sshd`.