You just strengthened the security of your Server by adding a new user and generating SSH keys. Now it’s time to make some changes to the default SSH configuration. First, you’ll disablepassword authentication to require all users connecting via SSH to use key authentication. Next, you’ll disable root login to prevent the
root user from logging in via SSH. These steps are optional, but are strongly recommended.
Here’s how to disable SSH password authentication and root login:
Open the SSH configuration file for editing by entering the following command:
sudo nano /etc/ssh/sshd_config
PasswordAuthentication setting to
no as shown below. Verify that the line is uncommented by removing the # in front of the line, if there is one.:
PermitRootLogin setting to
no as shown below:
Save the changes to the SSH configuration file by pressing Control-X, and then Y.
Restart the SSH service to load the new configuration. Enter the following command:
sudo service ssh restart
After the SSH service restarts, the SSH configuration changes will be applied.