How to secure SSH for your dedicated server in Vietnam

October 20, 2017

Maintaining a dedicated host can be a daunting task, but there are also many solutions to keep your dedicated server in Vietnam secure.

Restrict SSH logins by group

The basic to securing SSH is to narrow down who has access to the service. One of the great methods to do this is limiting SSH access by groups. Adding the following to your sshd_config so that only those groups and users to access the SSH service: AllowGroups noc + AllowUsers reliable site Johnson

Disable external root login

You have heard it before, and remember that – never perform server activities by logging in as the root user directly. Since every server VN has a root user, this’s a common user that is accessed through brute force externally. The best method to secure access is to completely disable remote root logins.

Server Vietnam

Install brute-force prevention

Brute force prevention software blocks automatically the access from the users who submit bad login credentials multiple times.

Only allow SSH Access from certain IP

Other method to secure SSH is to allow SSH access from certain IP addresses. This’s suitable if you use a VPN to connect to your dedicated servers, as the IP would stay static. If you connect from a dynamic IP, then this would not be a good choice for you without a VPN.

Change default SSH port for both Windows and Linux

Running SSH on port 22 is an easy method of telling intruders exactly where to enter your Vietnam server. Whilst it’s not difficult to locate the SSH daemon, switching the port is an ideal method obscuring points of entry. Changing the SSH port is a common method of securing access. You have to restart SSHD when all things done.

Use SSH keys instead of passwords

You have to know that focus on passwords altogether is the important method to secure SSH access. Instead of passwords, use SSH keys to authenticate the users. Some system passwords are required, so defining strong password requirements is the key. Do not forget this tip because the passwords are the weakest link when it comes to system security.