How to change SSH port and disable root login

#tips #linux #security #ssh #root

Changing the default SSH port

The default SSH port is 22. In order to mitigate some attacks, it is interesting to change the port to be used in an SSH connection. Of course this will not avoid hacker attacks, just make a little bit harder.

You can start opening /etc/hosts file, using your preferred editor. Mine is vim ;).

sudo vim /etc/hosts

Uncomment and change “Port” entry.

#Port 22

To something like

Port 622

After that, it is mandatory to restart the sshd service. You can do that doing:

sudo service sshd restart


Disabling root access

You can disable SSH root access (for security reasons), commenting the line:

#PermitRootLogin yes

or keeping it uncommented, but setting it as “no”:

PermitRootLogin no

It’s recommended to create a user with sudo rights, in order to establish a SSH connection again and run programs with super-user privileges.