Simple shh security

As world wide web is full of bots who try to brake anything the can it's important to have secure server. First of all you should have secure password. This is very important. Like for example you have user named "root" and password "root12345", it's almost granted you will be hacked! :) As my projects grow i moved from shared hosting to vps hosting and now the fun starts, now i'm getting attacks from automated scripts who try to login in my vps. So i make some little security tip here: What you should do after getting vps. So basically when you get vps the company will give you access username and password. (username will be "root" in most of cases.) So automated scripts don't have to think a lot.. so basically they will try to login using root user or some other common username with random passwords. So here i thought i have to do something..

How to improve SSH server security

So basically what i did is disabled access for root user and allowed ssh access only from one username. I think it's simplest thing that all people who own vps should do..

Step 1. Add new user (but use NOT common names)

adduser mynamemysurname123

Step 2. Add secure password

passwd mynamemysurnamepassword123

Step 3. Add root rights

echo 'mynamemysurname123 ALL=(ALL) ALL' >> /etc/sudoers

Step 4. Edit ssh config nano /etc/ssh/sshd_config Change PermitRootLogin and at bottom add AllowUsers

PermitRootLogin no
AllowUsers mynamemysurname123

Step 5. Restart ssh

/etc/init.d/sshd restart OR service sshd restart

Step 6. Test if it works.

DONT LOCK YOU SELF OUT. Test from other terminal that you can login, before closing working terminal.

SSH security tips

  • Have secure username (Don't use root username)
  • Have secure password (Don't use passwords like 12345)
  • Allow access only from specified users
  • Block ip addresses that you don't like alot (You cant block all ip addresses)

How to block ip address

To block ip addresses

iptables -I INPUT -s XX.XXX.XX.XX -j DROP
service iptables save

To see all blocked ip addresses

iptables -L -v

There are lot other things you can do, but you should start with this :)