How to harden SSH to increase security (change password/port)



  • Hardening is the act of making a computer system more secure.

    In this article we are going to increase the security of PiMP's SSH server by changing the password and the access port.

    The password should be changed on your rig right away. We recommend using a combination of words and numbers, in the "correct horse battery staple" fashion that we are seeing more and more sites using, such as online wallets.

    Here are some good examples: green500shrub600 super10duper20fun

    The reason changing the port is effective is because it will make it more difficult for someone to attack because they will not know the port.

    Changing the Root Password

    Open a Terminal Window and enter:

    passwd

    Put in your new password twice. Note, it doesn't put out the * like windows. Just type and hit enter afterward.

    Changing the SSH Port

    Open a Terminal Window and enter:

    nano +5 /etc/ssh/sshd_config

    Change Port 22 to what you want, number between 1-65535.
    Common examples used: 22222, 18222, etc.

    Control-X, then Y, then enter to save.

    To use the new setting, restart the sshd service with the command:
    systemctl restart sshd



  • To enhance security you may also want to enable Ubuntu Firewall. by using

    sudo ufw enable
    or simply:
    ufw enable



  • I changed the port and ssh works great but it breaks Microsoft Remote Desktop connection and I can't reconnect. Any idea why?


  • Staff

    You would need to then unblock port 3389 to allow RDP through the firewall you just blocked it with. ufw --help for details.



  • How do you change the default RDP password?


 



Want 10% more hash from your rigs?



We promise to keep your email safe and never spam you.



Copyright (c) 2012-2018 PiMP LLC. All rights Reserved.

Looks like your connection to PiMP Forum was lost, please wait while we try to reconnect.