In fact, Linux is safe, but if the password is not complex enough, if the lower case + number is 12 digits in Total, your SSH uses the default port, A powerful hacker can crack your password in less than half an hour. Therefore, the best way is to modify the SSH port. 1. modify the File:/etc/ssh/sshd_configPort22 # in the third or fourth line. if there is a well number in front, delete it and change it to 65534.
In fact, Linux is safe, but if the password is not complex enough, if the lower case + number is 12 digits in Total, your SSH uses the default port, A powerful hacker can crack your password in less than half an hour. Therefore, the best way is to modify the SSH port.
1. modify the File:/etc/ssh/sshd_config
Port 22
# In row 3 or row 4, if there is a well number in front of it, delete it and change it to below 65534.
You can use the vi command or sftp command to download the modification to the local device for remote connection. after modification, use the following command to restart the ssh service.
/etc/init.d/sshd restart
# Centos system, restart the ssh service command
/etc/init.d/
ssh
restart
# Debian/ubuntu system, restart the ssh service command
2. more secure settings: prohibit ROOT login, use the account to log on and then switch to ROOT (this method cannot use SFTP to upload files)
useradd
vpsmm
# Create a new account
passwd
vpsmm
# Set the password for the account number. enter the same password twice. Note that
vi
/etc/
ssh
/sshd_config
# This is the modified file.
PermitRootLogin
yes
# Change "yes" to "no", save and quit, and restart the SSH service (the Restart command is shown above)
Remember, if you have not created a new account or the account password is incorrectly set, and you have disabled ROOT, you can only restart the system or roll back the snapshot, and you can no longer log on.
If you do not need a secure environment and want to use SFTP to manage files, you can just change the port.