{"id":188,"date":"2016-06-20T12:49:20","date_gmt":"2016-06-20T07:19:20","guid":{"rendered":"http:\/\/hostmayo.com\/blog\/?p=188"},"modified":"2018-04-23T22:03:34","modified_gmt":"2018-04-23T16:33:34","slug":"secure-ssh-linux","status":"publish","type":"post","link":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/","title":{"rendered":"Secure SSH on Linux"},"content":{"rendered":"

Today we are going to focus on how to secure Secure SSH on Linux.<\/p>\n

Users can connect to the server remotely to\u00a0 SSH\/Shell is the remote connectivity tool in Linux. To restrict the attacks it is vital to secure SSH\/Shell .<\/p>\n

Upgrading the SSH is one way however the other methods you need to employ are as follow:<\/p>\n

Setup Wheel User <\/strong><\/h2>\n

This idea behind this process is to disable Root SSH login and allow a new user or an existing user to the Wheel user group\u00a0 so that only that user is allowed to connect SSH.<\/p>\n

#Open the SSH config file<\/p>\n

vi \/etc\/ssh\/sshd_config<\/pre>\n
#Set PermitRootLogin to \u2018No<\/p>\n
PermitRootLogin no<\/pre>\n
SSH server settings are stored in the \/etc\/ssh\/sshd_config<\/strong> file. To disable root logins, make sure you have the following entry:<\/span><\/p>\n
and restart the sshd service:<\/span><\/p>\n
service sshd restart\r\n<\/span><\/pre>\n
If you need root access, login as a normal user and use the su<\/strong> command.<\/p>\n
This will disable the Root login.<\/p>\n
Warning: If your current session is terminated you can\u2019t login as Root user. Now, you have to create a new wheel user simply with,<\/p>\n
adduser <wheel_user_name><\/pre>\n
Adding a new user is not necessary, if you want an existing user to be the wheel user, you can skip the above step. Now go to WHM and add the user to wheel user group.<\/p>\n
WHM >> Security Center >> Manage Wheel Group Users >> Select the user and click \u2018Add to Group\u2019.<\/p>\n
Now a wheel user is added and you can only login to SSH as that particular user and after logging in, you can swith to Root.<\/p>\n
Setup key based password less login <\/strong><\/h2>\n
The idea behind this is to disable password authentication and allow SSH access only by Key based authentication. For this you need to general an SSH key in the machine that you want to connect to the server and add the public key to the authorized keys of the server.<\/p>\n
#Open SSH config file<\/p>\n
vi \/etc\/ssh\/sshd_config<\/pre>\n
#Edit the PasswordAuthentication parameter to \u2018no\u2019
\nPasswordAuthentication no<\/p>\n
This will disable password authentication in the server.<\/p>\n
#Generate SSH key in the host machine (system from which you need to connect to the server)<\/p>\n
ssh-keygen<\/pre>\n
This will prompt the file to specify the key which is generated. If you hit \u2018Enter\u2019, the key will be placed in \u2018\/home\/user\/.ssh\/id_rsa\u2019 by default.<\/p>\n
It will also ask the desired passphrase, which is similar to password but you\u2019ll only have to add it once. You can refer the screenshot below.<\/p>\n
\"secure_cpanel.jpg\"<\/p>\n
Once the key is generated, you\u2019ll have to add the public key in the authorized keys file in the server. For this you can use scp functionality.<\/p>\n
scp -P portnumber ~\/.ssh\/id_rsa.pub root@XX.YY.XX.ZZ<\/a><\/pre>\n
SSH into the remote server, and in the home directory of the SSH user, you can see the file \u2018id_rsa.pub\u2019. Just copy paste the key in the said file to the file \u2018\/root\/.ssh\/authorized_keys\u2019<\/p>\n
cat id_rsa.pub >> \/root\/.ssh\/authorized_keys<\/pre>\n
With this, you will be able to login to the server without prompting passwords and only based on the key added,<\/p>\n
https:\/\/wiki.centos.org\/HowTos\/Network\/SecuringSSH<\/p>\n","protected":false},"excerpt":{"rendered":"
Today we are going to focus on how to secure Secure SSH on Linux. Users can connect to the server remotely to\u00a0 SSH\/Shell is the […] Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":366,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[10,8,7],"tags":[],"class_list":["post-188","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel","category-hosting","category-vps"],"yoast_head":"\nSecure SSH on Linux<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure SSH on Linux\" \/>\n<meta property=\"og:description\" content=\"Today we are going to focus on how to secure Secure SSH on Linux. Users can connect to the server remotely to\u00a0 SSH\/Shell is the […] Read More\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\" \/>\n<meta property=\"og:site_name\" content=\"Host Mayo\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hostmayoservers\" \/>\n<meta property=\"article:published_time\" content=\"2016-06-20T07:19:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-04-23T16:33:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"955\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Billa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hostmayo\" \/>\n<meta name=\"twitter:site\" content=\"@hostmayo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Billa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\"},\"author\":{\"name\":\"Billa\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/a511fa95af50c3cb2614311b73c2ea9d\"},\"headline\":\"Secure SSH on Linux\",\"datePublished\":\"2016-06-20T07:19:20+00:00\",\"dateModified\":\"2018-04-23T16:33:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\"},\"wordCount\":510,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg\",\"articleSection\":[\"CPanel\",\"Hosting\",\"vps\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\",\"url\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\",\"name\":\"Secure SSH on Linux\",\"isPartOf\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg\",\"datePublished\":\"2016-06-20T07:19:20+00:00\",\"dateModified\":\"2018-04-23T16:33:34+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage\",\"url\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg\",\"contentUrl\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg\",\"width\":955,\"height\":454,\"caption\":\"secure_cpanel.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/hostmayo.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Secure SSH on Linux\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#website\",\"url\":\"https:\/\/hostmayo.com\/blog\/\",\"name\":\"Host Mayo\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hostmayo.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#organization\",\"name\":\"Host Mayo\",\"url\":\"https:\/\/hostmayo.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2015\/12\/ico.png\",\"contentUrl\":\"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2015\/12\/ico.png\",\"width\":64,\"height\":64,\"caption\":\"Host Mayo\"},\"image\":{\"@id\":\"https:\/\/hostmayo.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Hostmayoservers\",\"https:\/\/x.com\/hostmayo\",\"https:\/\/www.linkedin.com\/company\/host-mayo\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/a511fa95af50c3cb2614311b73c2ea9d\",\"name\":\"Billa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/55380a32a6c37aba9b35b3d51dbd6cd6460322a433ecdaaacb28aece47163e51?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/55380a32a6c37aba9b35b3d51dbd6cd6460322a433ecdaaacb28aece47163e51?s=96&d=mm&r=g\",\"caption\":\"Billa\"},\"description\":\"Geek, Banker & Entrepreneur.\",\"sameAs\":[\"https:\/\/hostmayo.com\/\"],\"url\":\"https:\/\/hostmayo.com\/blog\/author\/waqass\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Secure SSH on Linux","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/","og_locale":"en_US","og_type":"article","og_title":"Secure SSH on Linux","og_description":"Today we are going to focus on how to secure Secure SSH on Linux. Users can connect to the server remotely to\u00a0 SSH\/Shell is the […] Read More","og_url":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/","og_site_name":"Host Mayo","article_publisher":"https:\/\/www.facebook.com\/Hostmayoservers","article_published_time":"2016-06-20T07:19:20+00:00","article_modified_time":"2018-04-23T16:33:34+00:00","og_image":[{"width":955,"height":454,"url":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","type":"image\/jpeg"}],"author":"Billa","twitter_card":"summary_large_image","twitter_creator":"@hostmayo","twitter_site":"@hostmayo","twitter_misc":{"Written by":"Billa","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#article","isPartOf":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/"},"author":{"name":"Billa","@id":"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/a511fa95af50c3cb2614311b73c2ea9d"},"headline":"Secure SSH on Linux","datePublished":"2016-06-20T07:19:20+00:00","dateModified":"2018-04-23T16:33:34+00:00","mainEntityOfPage":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/"},"wordCount":510,"commentCount":0,"publisher":{"@id":"https:\/\/hostmayo.com\/blog\/#organization"},"image":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage"},"thumbnailUrl":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","articleSection":["CPanel","Hosting","vps"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/","url":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/","name":"Secure SSH on Linux","isPartOf":{"@id":"https:\/\/hostmayo.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage"},"image":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage"},"thumbnailUrl":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","datePublished":"2016-06-20T07:19:20+00:00","dateModified":"2018-04-23T16:33:34+00:00","breadcrumb":{"@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#primaryimage","url":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","contentUrl":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","width":955,"height":454,"caption":"secure_cpanel.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/hostmayo.com\/blog\/secure-ssh-linux\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hostmayo.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Secure SSH on Linux"}]},{"@type":"WebSite","@id":"https:\/\/hostmayo.com\/blog\/#website","url":"https:\/\/hostmayo.com\/blog\/","name":"Host Mayo","description":"","publisher":{"@id":"https:\/\/hostmayo.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hostmayo.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hostmayo.com\/blog\/#organization","name":"Host Mayo","url":"https:\/\/hostmayo.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostmayo.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2015\/12\/ico.png","contentUrl":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2015\/12\/ico.png","width":64,"height":64,"caption":"Host Mayo"},"image":{"@id":"https:\/\/hostmayo.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hostmayoservers","https:\/\/x.com\/hostmayo","https:\/\/www.linkedin.com\/company\/host-mayo"]},{"@type":"Person","@id":"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/a511fa95af50c3cb2614311b73c2ea9d","name":"Billa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostmayo.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/55380a32a6c37aba9b35b3d51dbd6cd6460322a433ecdaaacb28aece47163e51?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/55380a32a6c37aba9b35b3d51dbd6cd6460322a433ecdaaacb28aece47163e51?s=96&d=mm&r=g","caption":"Billa"},"description":"Geek, Banker & Entrepreneur.","sameAs":["https:\/\/hostmayo.com\/"],"url":"https:\/\/hostmayo.com\/blog\/author\/waqass\/"}]}},"jetpack_featured_media_url":"https:\/\/hostmayo.com\/blog\/wp-content\/uploads\/2016\/06\/secure_cpanel.jpg","_links":{"self":[{"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/posts\/188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/comments?post=188"}],"version-history":[{"count":0,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/posts\/188\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/media\/366"}],"wp:attachment":[{"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/media?parent=188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/categories?post=188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostmayo.com\/blog\/wp-json\/wp\/v2\/tags?post=188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}