Hardening SSH

Securing your remote access

SSH is a good way to administer a server because, unlike rlogin and telnet, its communications are encrypted.

Create a standard user.

useradd USER

Set a password for your newly created user.

passwd USER

Add the user to the wheel group.

usermod -aG wheel USER

Create an authentication key

ssh-keygen -t rsa -b 4096

Upload your public key to your server

ssh-copy-id YOURUSER@YOURSERVER

Log in to the server and run the following command.

mkdir -p ~/.ssh && chmod -R 700 ~/.ssh

Copy your public key to your server

scp ~/.ssh/id_rsa.pub USER@SERVER:~/.ssh/authorized_keys

On the server again, edit /etc/ssh/sshd_config

PermitRootLogin no

or the less secure way

PermitRootLogin without-password

Set the users allowed to log in.

AllowUsers USER OTHERUSER

Change the default service port.

Port 2022

Disable password authentication.

PasswordAuthentication no

Only use SSH protocol 2

Protocol 2

Save the changes and restart the service.

service ssh restart

You should now be able to log in

ssh USER@SERVER -p 2022
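
The check below is an added example, not part of the original post: it audits a config file for the PermitRootLogin, PasswordAuthentication, Port and AllowUsers values set above, relying on sshd's rule that the first value read for a keyword is the one used. The function names and the sample file are constructed for illustration, and only the global section before any Match block is read.

```shell
# Print the first global (pre-Match) value of keyword $1 in file $2.
# sshd keywords are case-insensitive and the first value read wins.
sshd_first_value() {
    awk -v want="$1" '
        /^[ \t]*#/ { next }                    # skip comment lines
        tolower($1) == "match" { exit }        # global section only
        tolower($1) == tolower(want) {
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$2"
}

# Check the settings from this page; returns the number of mismatches.
audit_sshd() {
    file=$1; fails=0
    while read -r key expected; do
        actual=$(sshd_first_value "$key" "$file")
        if [ "$actual" = "$expected" ]; then
            echo "ok    $key $actual"
        else
            echo "FAIL  $key: got '${actual:-unset}', want '$expected'"
            fails=$((fails + 1))
        fi
    done <<EOF
PermitRootLogin no
PasswordAuthentication no
Port 2022
AllowUsers USER OTHERUSER
EOF
    return "$fails"
}

# Constructed sample: the hardening lines were appended below an older
# "passwordauthentication yes", so sshd would still accept passwords.
make_sample() {
    cat > "$1" <<EOF
# constructed sample, not a real server's file
Port 2022
passwordauthentication yes
PermitRootLogin no
AllowUsers USER OTHERUSER
PasswordAuthentication no
EOF
}

sample=$(mktemp); make_sample "$sample"
audit_sshd "$sample" || echo "$? setting(s) differ from the page"
rm -f "$sample"
```

On the server itself, `sshd -t` checks the file for syntax errors before you restart the service, and `sshd -T` prints the effective configuration.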
