In order to leave your server without worry, you’ll want to secure your SSH daemon on your server.

First, if you haven’t already, you should create an SSH key on your local machine:

ssh-keygen -t rsa -b 4096

Next, copy that key across to your server:

ssh-copy-id <[email protected]>

Once you’ve copied across your key, log into your server:

ssh <[email protected]>

Once you’ve made sure you can log in via your SSH key, it’s time to lock down your SSH daemon:

sudo vi /etc/ssh/sshd_config

Disabling password authentication will enable only people with valid SSH keys to log in. Find the line where PasswordAuthentication is set:

PasswordAuthentication no

Disabling root login will prevent people from logging in as root. People will need to log in with normal users and escalate permissions via sudo. Find the line where PermitRootLogin is set:

PermitRootLogin no

Exit the sshd_config file, and restart the SSH daemon:

sudo systemctl restart sshd

Once this is done, you’ll be able to rest a bit easier!

Leave a Reply

Your email address will not be published. Required fields are marked *