In order to leave your server without worry, you’ll want to secure your SSH daemon on your server.
First, if you haven’t already, you should create an SSH key on your local machine:
ssh-keygen -t rsa -b 4096
Next, copy that key across to your server:
ssh-copy-id <[email protected]>
Once you’ve copied across your key, log into your server:
ssh <[email protected]>
Once you’ve made sure you can log in via your SSH key, it’s time to lock down your SSH daemon:
sudo vi /etc/ssh/sshd_config
Disabling password authentication will enable only people with valid SSH keys to log in. Find the line where PasswordAuthentication
is set:
PasswordAuthentication no
Disabling root login will prevent people from logging in as root. People will need to log in with normal users and escalate permissions via sudo. Find the line where PermitRootLogin
is set:
PermitRootLogin no
Exit the sshd_config
file, and restart the SSH daemon:
sudo systemctl restart sshd
Once this is done, you’ll be able to rest a bit easier!