How to Secure SSH

April 26, 2017

After OS installation、I got this massage.

To prevent these access, I made SSH harden & secure.

Below is the steps that I used.
As a result, unknown accesses disappeared.

 

 

1.Change port number for SSH

1-1. Set new port number for SSH

note : you can use 1-65535 as new port but it should not be used.

 

1-2. Reboot sshd

※ Once you get an error, check SeLinux.

 

1-3. Confirmation

 

1-4. Setting firewalld

Create setting file with copying default setting file.

Reload firewalld

Add new setting file

confirmation

just in case, Reload once more

 

1-5. Change local setting

Change the ssl port for SFTP or something else.
Once you could access, it’s working.

 

1-6. Delete port 22 from firewalld

 

1-7. Delete port 22 from /etc/ssh/sshd_config

Reboot sshd

 
References:
http://d.hatena.ne.jp/akahana_1/20160411/p1
http://lovepeers.org/2014/11/21/centos7-sshd/
linux – What is the maximum port number? – Server Fault