Method One
Many owners have a Linux host, whether it is a virtual machine or physical machine, generally we connect remotely, are used SSH (Secureshell based on the application layer and the transport layer on the basis of the security protocol).
It defaults to port 22 and can be logged on by default using root. This is very dangerous on the Internet, we can only change its default port (although it will still be detected by the port scan), disable root login, to relatively improve security.
1. Modify the SSH default port a. The command line temporarily modifies the SSH default port is 22, for security reasons, now modify the SSH port is 1433, modify the method as follows:
/usr/sbin/sshd-p 1433
B. Modify the configuration file, permanently modify
vim/etc/ssh/sshd_config# then modify to port 8888
Restart sshd
Service sshd Restart
2. Use remote connection software, port 8888, remote connection. To increase security, first add a user with normal permissions:
Useradd sshuserpasswd sshuser# Set the password, must be a complex password, write down with the book, Lest You Forget
3. The production machine prohibits root remote SSH login: #vi/etc/ssh/sshd_config
Permitrootlogin Yes
Switch
Permitrootlogin No
Restarting the SSHD service
Service sshd Restart
Remote Management log in with normal user sshuser, then switch to root user with Su root to get the highest privileges
Method two in the/etc/default/login file, add a line to the SET command:
CONSOLE =/dev/tty01
is set to take effect immediately, without rebooting. Later, the user can only login in the console (/DEV/TTY01) root to limit root telnet, but also restricts the LAN user root login, to the administrator's Daily maintenance work brings many inconvenience. Reference: http://www.2cto.com/os/201207/142420.htmlhttp://www.centoscn.com/CentosSecurity/CentosSafe/2014/0606/3104.html
CentOS Production machine Disable root remote SSH login