as always… you should tweak your /etc/ssh/sshd_config for security
only allow password auth temporarily and only use public-key auth. it is easy to setup and no brute-force attack in this world can hack your server.
when you start to edit:
vim /etc/ssh/sshd_config # tweak save quit # and restart sshd systemctl restart sshd
you SHOULD stay logged in, open a second terminal and test if your settings actually work.
DO NOT CLOSE THE CURRENT SESSION!
or you might NOT get back in and need a service-technician to attach a KVM-console (like the LanTronix Spider Duo) to your server or reset your root password X-D
also: DON’T
change this to no:
PermitTTY yes
or you will get:
PTY allocation request failed on channel 0
and can not login.
nothing really usefull in the logs.
liked this article?
- only together we can create a truly free world
- plz support dwaves to keep it up & running!
- (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
- really really hate advertisement
- contribute: whenever a solution was found, blog about it for others to find!
- talk about, recommend & link to this blog and articles
- thanks to all who contribute!
