CentOS cloud hosting security change SSH port, do not allow ROOT login

Linux itself is very safe, but if the password is not complex enough, if lowercase + numbers 12-bit the following, your SSH or use the default port, then brute force hacking is not half an hour, you can brute force your password. Therefore, the best way is to modify the SSH port.

, Modify the file:/etc/ssh/sshd_config

Port 22 # in the third or fourth row, if the previous number, delete, revise it to 65534

In the remote connection with VI commands, or SFTP downloads to your local modifications, modifications, use the following command to restart the SSH service

/Etc/init.d/sshd restart #CentOS system, restart the SSH service commands

/Etc/init.d/SSH restart #Debian/Ubuntu system, restart the SSH service commands

Second, the more secure setting to prohibit ROOT login, using small landing then ROOT (this method does not use SFTP to upload files)

Useradd vpsmm # create a new trumpet

Passwd vpsmm # s to set a password, enter exactly the same second, pay attention to hints

/Ssh/sshd_config # modified files is the

PermitRootLogin Yes # Yes, change to no, save and exit, and restart the SSH service (with restart command)

Remember, if there is no new trumpet or trumpet password is set incorrectly, you ban the ROOT, you can restart the system or rolling back to a snapshot, can’t login anymore.
If it is not in desperate need of a safe environment, and also needs to manage files with SFTP, then get rid of ports on the line.