This how to assumes you have SSH Keys installed on your server. If you do not you can follow either of the how to’s below:
In this tutorial we will be:
- Changing The SSH Servers Port
- Allowing connections only va PubkeyAuthentication.
We will begin by editing your SSH servers configuration file: /etc/ssh/sshd_config
To change the SSH Listening Port. Locate the below line:
# Port 22
Uncomment and change the 22 to some random port number you wish to use to connect to SSH via.
Next lets confirm the following lines are set to yes (these are normally enabled by default and may be commented out):
RSAAuthentication yes PubkeyAuthentication yes
At this point please make sure your SSH keys are working properly. If they are not you will be unable to log back in via SSH.
Now change the below line to disable PasswordAuthentication and only allow access for ssh keys.
change this to:
Now lets restart the SSH service
Your SSH server should now be locked down to only allow access via SSH key authentication.