*UNIX Servers, like any Device once it’s connected to the Internet, it could be under any Cyber Attacks. In this article, we will try to reach Best Practice Security methods, in order to secure our Server(s) login from non-authorized users.<\/p>\n\n\n\n
First, when you access your *UNIX Server, it may show you the following:<\/p>\n\n\n\n
Last failed login: Sat May 4 14:08:36 UTC 2019 from 58.242.82.9 on ssh:notty\nThere were 9030 failed login attempts since the last successful login.\nLast login: Fri May 3 05:34:33 2019 from c-73-13-124-20.hsd1.XX.XXXXXX.net<\/code><\/pre>\n\n\n\nAs we can see, from these Information, there were 9030 tries to access our Server using username root<\/strong>, and the default port for SSH port 22<\/strong>. Hence, we need to change these settings. Let’s get started.<\/p>\n\n\n\nOpen the SSH configuration file in any text editor<\/p>\n\n\n\n
# vi \/etc\/ssh\/sshd_config<\/code><\/pre>\n\n\n\nWithing sshd_config, we are going to uncomment Port 22, and change 22 to whatever unassigned port number (you can choose between 1-65535 ).<\/p>\n\n\n\n
Port <any_number><\/code><\/pre>\n\n\n\nAfter changing the Default Port number, we need to disable root user from login to the server remotely. uncomment PermitRootLogin yes<\/strong> and change it to no<\/strong><\/p>\n\n\n\nPermitRootLogin no<\/code><\/pre>\n\n\n\nOnce we disable root from Login, we need to create and allow another user(s), to access the Server remotely. By adding AllowUsers <\/strong>to your SSH Configuration file under Authentication <\/strong>Section: <\/p>\n\n\n\n# Authentication:\n\nAllowUsers <username><\/code><\/pre>\n\n\n\nSave SSH Configuration File, and restart SSH service.<\/p>\n\n\n\n
# systemctl restart sshd\nor\n# service ssh restart<\/code><\/pre>\n\n\n\nNow, we are not able to login to our Server using root user, therefore, we need to login with user we have added to AllowUsers <\/strong>section.<\/p>\n","protected":false},"excerpt":{"rendered":"*UNIX Servers, like any Device once it’s connected to the Internet, it could be under any Cyber Attacks. In this article, we will try to reach Best Practice Security methods, in order to secure our Server(s) login from non-authorized users. First, when you access your *UNIX Server, it may show you the following: As we…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,11],"tags":[],"_links":{"self":[{"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/posts\/365"}],"collection":[{"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/comments?post=365"}],"version-history":[{"count":3,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/posts\/365\/revisions"}],"predecessor-version":[{"id":454,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/posts\/365\/revisions\/454"}],"wp:attachment":[{"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/media?parent=365"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/categories?post=365"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/server-help.org\/index.php\/wp-json\/wp\/v2\/tags?post=365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}