Changing the default SSH port
The default SSH port is 22. In order to mitigate some attacks, it is interesting to change the port to be used in an SSH connection. Of course this will not avoid hacker attacks, just make a little bit harder.
You can start opening /etc/hosts
file, using your preferred editor.
Mine is vim ;).
sudo vim /etc/hosts
Uncomment and change “Port” entry.
#Port 22
To something like
Port 622
After that, it is mandatory to restart the sshd service. You can do that doing:
sudo service sshd restart
Tips:
- Number of ports is an unsigned 16-bit integer, so the maximum value is 65535 [0.. 2^16-1].
- It’s recommended to keep the port number in the range [1..1023], because that’s the Well known ports range.
Disabling root access
You can disable SSH root access (for security reasons), commenting the line:
#PermitRootLogin yes
or keeping it uncommented, but setting it as “no”:
PermitRootLogin no
It’s recommended to create a user with sudo rights, in order to establish a SSH connection again and run programs with super-user privileges.