1.Open the ssh configureation file
vi /etc/ssh/sshd_config port 217 PermitRootLogin no
You can disable root login by finding the line that says “PermitRootLogin yes” you can change it to “PermitRootLogin no”
2.Then you’ll just need to restart ssh
service sshd restart
3.You can create a new username with ‘useradd username’ what ssh user do you want
useradd rajick passwd rajick
give “rajick’ user password
4.You can enable sudo access by running this command file will be open then add rajick user access
then add this line “username ALL=(ALL) ALL” username is whatever username you have I HAVE rajick so given as rajick
# visudo root ALL=(ALL) ALL rajick ALL=(ALL) ALL
Note:Sudo will allow you to change into root
5.ADDING PORT ON FIREWALL:
After changed everything if your server running on firewall you have to add your new port on firewall configuration file.
Installation Of csf firewall on centoS/RED hat
#vi /etc/csf/csf.conf TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,217"
Note: It’s only needed in tcp_in,You can add it to both if you want, but tcp_out won’t do anything,No changes are needed for udp_in or udp_out. SSH uses TCP.
csf.allow is used to open all ports for specific IP addresses,You don’t need to make any changes to it, but you can add your local IP if you want.
After any changes you’ll need to restart csf with:
6.USER Switching problem at linux
[rajick@vps ~]$ su - -bash: /bin/su: Permission denied If the user has sudo privelages you should be able to use 'sudo -s' or 'sudo su root' $ sudo -s [sudo] password for rajick: [root@vps rajick]#
7.check the SSH connection
login as: root firstname.lastname@example.org's password: Access denied email@example.com's password:
Note this root user not allowed,only rajick user allowed but port should be 217
And more about CSF(configure security firewall) firewall:
This checked for a block on your IP:
#csf -g 126.96.36.199
note:you can check your internet ip at your google search keyword “MY ip”
This removed the block Ip:
#csf -dr 188.8.131.52
Note:your ip will be blocked if 5 failed logins in an hour.