ssh:configuring_sshd

This is an old revision of the document!

Table of Contents

SSH - Configuring sshd
- Disable logins for the **root** user, only allow login for the core user and disable password based authentication.
- Changing the sshd port

SSH - Configuring sshd

Disable logins for the root user, only allow login for the core user and disable password based authentication.

permissions: 0600 owner: root:root

/etc/ssh/sshd_config

# Use most defaults for sshd configuration.
UsePrivilegeSeparation sandbox
Subsystem sftp internal-sftp
 
PermitRootLogin no
AllowUsers core
PasswordAuthentication no
ChallengeResponseAuthentication no

Changing the sshd port

With socket-activated SSH by default. The configuration for this can be found at /usr/lib/systemd/system/sshd.socket.

/usr/lib/systemd/system/sshd.socket

[Socket]
ListenStream=2222
FreeBind=true
Accept=yes

sshd will now listen only on port 2222 on all interfaces when the system is built.

ssh/configuring_sshd.1476715632.txt.gz · Last modified: 2020/07/15 09:30 (external edit)