Two ways to protect VPS SSH account security under Linux

If the VPS account is leaked, its loss is very large, so how to enhance the security of the VPS SSH account? The following small series will introduce you to the two ways to protect the VPS account, that is, modify the SSH login port and prohibit ROOT login, let's understand it.

Modify SSH landing port

modify the file: /etc /ssh /sshd_config

Port 22 # The third line or fourth line, if front well No., please delete, modify to 65534 or less.

You can use the vi command or sftp to download the local modification in the remote connection. After modification, use the following command to restart the ssh service

/etc/Init.d/sshd restart#centos system, restart ssh service command

/etc/init.d/ssh restart#debian/ubuntu system, restart ssh service command

Disable ROOT login

More secure settings, use small login and switch ROOT (this method can't upload files with SFTP)

useradd yzgod#Create a new trumpet

passwd yzgod# give trumpet Set the password, you need to enter the same second, pay attention to the prompt

vi /etc/ssh/sshd_config# modified file or this

PermitRootLogin yes# change yes, no, save and exit And restart the SSH service (there are restart commands on it)

Remember, if there is no new trumpet, or small The password is set incorrectly, you have the ban ROOT, you can reboot the system or a snapshot rollback, could no longer log in.

If you don't need a secure environment and you need to use SFTP to manage files, then you can change the port.

The above is a way to protect the security of VPS accounts. If your VPS account is at risk, you may be hacked at any time. The best way is to develop a good habit of using regular software.