This is just a short tutorial about one of many possible ways to protect your server from external attacks. If you’re running a Server you’ll probably access it via SSH and as root user. This is a default setting, but easy to fix with almost no effort. Since you’re able to log in as root, others will be able to log in as root as well. Therefore, we’re adding an extra layer of security while we’re removing direct root access and only force one specific user to log in.
First of all make sure you have your new user already set up. You can easily add new users with either useradd or adduser.
We’re going to connect to our Server via SSH with Putty or my favorite mRemoteNG and open the configuration file
Editing the configuration file
Before we scroll down you’ll see the Port, usually set to 22. It is possible to change that, but it is very rare that attackers are just scanning one specific port. If they do, however, they would end up receiving an error that there is no services running on that port.
Change the following settings and press CTRL+O (save file) and CTRL+X (exit)
Restart the SSH Server
Before our changes take effect we have to restart the SSH Server
Logging in as new user and switching to root
First we test if we’re still able to log in as root user
Now we log in as the user we set in the configuration file with the user’s password and switch to the root user afterwards