Modify the ssh port in Linux and disable remote root logon.
Modify the ssh port and disable remote root login in Linux
We all know that the default ssh port number is 22. To change the port number to 9688, You need to edit the/etc/ssh/ssh_config and/etc/ssh/sshd_config files;
To disable remote root logon, edit/etc/ssh/sshd_config. (Some Linux directories may be/etc/sshd. Please modify them as needed)
The procedure is as follows:
1. Edit the/etc/ssh/ssh_config file:
[Root @ db02 ~] # Cat/etc/ssh/ssh_config | grep Port
Remove the comment symbol "#" before the commented-out Port 22, and change 22 to 9688 above. Save and exit.
2. Edit the/etc/ssh/sshd_config file:
Find PermitRootLogin and change "yes" to "no", so that the root user cannot log on remotely. Save and exit.
3. Restart ssh:
#/Etc/init. d/ssh restart
In this way, the ssh port number is successfully changed and root remote logon is disabled. It is worth mentioning that if your Linu x contains only root users, you must create a new user before disabling root remote logon, otherwise, ssh cannot be used to remotely log on to the server!
The content in this article is tested in Ubuntu. commands in other Linux systems are similar.
Vi/etc/ssh/sshd_config, find Port 22, change Port 22 to the desired Port number, and restart the SSH service:/etc/init. d/sshd restart, and then test the ssh connection: ssh localhost-p your port number. The connection is successful. If you want to avoid using ssh connections because one port cannot be connected (for example, under attack), you can use multiple ssh connection ports, in the configuration file/etc/ssh/sshd_config, run vi/etc/ssh/sshd_config, find the Port, and add a line below: Port 23, in this way, a new connection port is added, the SSH service is restarted, and ssh localhost-p 23 is tested. The connection is successful. In addition, if the local test is normal, but you still cannot use the third-room tool to access the external SSH link, you need to disable the firewall and Restart SSHD. In this way, you can.
In linux, how does one Disable remote root login, and then use another account to log on to su root?
Set the default
# PermitRootLogin yes
Change the comment