{"id":24270,"date":"2022-02-02T14:27:24","date_gmt":"2022-02-02T14:27:24","guid":{"rendered":"https:\/\/1-grid.com\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/"},"modified":"2023-03-06T08:40:51","modified_gmt":"2023-03-06T08:40:51","slug":"securing-ssh-on-your-linux-dedicated-server","status":"publish","type":"ht_kb","link":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/","title":{"rendered":"Securing SSH on your Linux Dedicated Server"},"content":{"rendered":"\n
\n

This article will show you How to Secure your SSH on your Linux Dedicated Server <\/p>\n<\/blockquote>\n\n\n

\n

Secure SSH using Public Key Authentication<\/span><\/strong>\u00a0<\/span><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Public key authentication is a more secure way of authenticating via SSH to your server and if all password-based authentication methods are disabled, it can prevent any brute force SSH attacks.\u00a0<\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Generating a Key<\/span><\/strong>\u00a0<\/span><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

First we need to generate a key that will be used to access your server. In a Linux environment this utility is normally built in, Windows users can download<\/span> this tool<\/a> for generating keys. In Linux you can run the following commands from your bash prompt.<\/span><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

\u00b7\u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/span><\/span><\/span>client$ mkdir -p ~\/.ssh<\/span><\/strong>\u00a0client$ chmod 700 ~\/.ssh<\/span><\/strong> client$ ssh-keygen -q -f ~\/.ssh\/id_rsa -t rsa<\/span><\/strong> Enter passphrase (empty for no passphrase):<\/span><\/strong><\/span><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Do not use your account password, nor an empty passphrase. The passphrase should also be at least 8 characters long.\u00a0<\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Distributing a key<\/span><\/strong>\u00a0<\/span><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

The public portion of the RSA key pair must be copied to your server and appended to ~\/.ssh\/authorized_keys<\/em> to enable access. If you are running Linux, the public key information to be copied should be located in the ~\/.ssh\/id_rsa.pub<\/em> file on your PC. To copy the public key to your server run:<\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/span><\/span>client$ scp ~\/.ssh\/id_rsa.pub username@server.example.org:<\/span><\/strong><\/span><\/p>\n

\u00b7\u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/span><\/span><\/span>server$ mkdir ~\/.sshserver$ chmod 700 ~\/.sshserver$ cat ~\/id_rsa.pub >> ~\/.ssh\/authorized_keysserver$ chmod 600 ~\/.ssh\/authorized_keysserver$ rm ~\/id_rsa.pub<\/span><\/strong><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Disabling Password Authentication<\/span><\/strong><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Once you have loaded your key onto the server and tested that you are able to login using the key, you can then edit your SSH configuration on the server to disable standard password authentication. As root, edit the file \/etc\/ssh\/sshd_config<\/em> on your server. Ensure the following lines exist and edit as follows:<\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

\u00b7\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/span><\/span>RSAAuthentication yes<\/span><\/strong>\u00a0PubkeyAuthentication yes<\/span><\/strong> AuthorizedKeysFile .ssh\/authorized_keys<\/span><\/strong><\/span><\/span><\/p>\n

\u00b7\u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/span><\/span><\/span>PasswordAuthentication noChallengeResponseAuthentication noUsePAM no<\/span><\/strong><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Save the file, and restart SSHD<\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

\u00b7\u00a0 \u00a0 \u00a0 \u00a0\u00a0<\/span><\/span><\/span>\/etc\/init.d\/sshd restart<\/span><\/strong><\/span><\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

Your server is now secure from brute force SSH attacks.<\/span><\/p>\n

\u00a0<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"

This article will show you How to Secure your SSH on your Linux Dedicated Server  Secure SSH using Public Key Authentication\u00a0 \u00a0 \u00a0 Public key authentication is a more secure way of authenticating via SSH to your server and if all password-based authentication methods are disabled, it can prevent any…<\/p>\n","protected":false},"author":21,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"ht-kb-category":[1196],"ht-kb-tag":[274,470,480,574,890,898,949],"class_list":["post-24270","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-dedicated-server","ht_kb_tag-dedicated","ht_kb_tag-hosting","ht_kb_tag-how-to","ht_kb_tag-linux","ht_kb_tag-secure","ht_kb_tag-server","ht_kb_tag-ssh"],"yoast_head":"\nSecuring SSH on your Linux Dedicated Server -<\/title>\n<meta name=\"description\" content=\"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing SSH on your Linux Dedicated Server -\" \/>\n<meta property=\"og:description\" content=\"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server\" \/>\n<meta property=\"og:url\" content=\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/\" \/>\n<meta property=\"og:site_name\" content=\"1-grid Knowledge Base\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/1grid.co.za\/\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-06T08:40:51+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@1grid_hosting\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/\",\"url\":\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/\",\"name\":\"Securing SSH on your Linux Dedicated Server -\",\"isPartOf\":{\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#website\"},\"datePublished\":\"2022-02-02T14:27:24+00:00\",\"dateModified\":\"2023-03-06T08:40:51+00:00\",\"description\":\"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server\",\"breadcrumb\":{\"@id\":\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/1grid.co.za\/knowledge\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Securing SSH on your Linux Dedicated Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#website\",\"url\":\"https:\/\/1grid.co.za\/knowledge\/\",\"name\":\"1-Grid Domain Hosting Knowledge Base\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/1grid.co.za\/knowledge\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#organization\",\"name\":\"1-Grid Domain Hosting Knowledge Base\",\"url\":\"https:\/\/1grid.co.za\/knowledge\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/1grid.co.za\/knowledge\/wp-content\/uploads\/2023\/01\/1-grid-logo-color.svg\",\"contentUrl\":\"https:\/\/1grid.co.za\/knowledge\/wp-content\/uploads\/2023\/01\/1-grid-logo-color.svg\",\"width\":100,\"height\":100,\"caption\":\"1-Grid Domain Hosting Knowledge Base\"},\"image\":{\"@id\":\"https:\/\/1grid.co.za\/knowledge\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/1grid.co.za\/\",\"https:\/\/twitter.com\/1grid_hosting\",\"https:\/\/www.instagram.com\/1grid_hosting\/\",\"https:\/\/za.linkedin.com\/company\/1-grid\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Securing SSH on your Linux Dedicated Server -","description":"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/","og_locale":"en_US","og_type":"article","og_title":"Securing SSH on your Linux Dedicated Server -","og_description":"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server","og_url":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/","og_site_name":"1-grid Knowledge Base","article_publisher":"https:\/\/www.facebook.com\/1grid.co.za\/","article_modified_time":"2023-03-06T08:40:51+00:00","twitter_card":"summary_large_image","twitter_site":"@1grid_hosting","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/","url":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/","name":"Securing SSH on your Linux Dedicated Server -","isPartOf":{"@id":"https:\/\/1grid.co.za\/knowledge\/#website"},"datePublished":"2022-02-02T14:27:24+00:00","dateModified":"2023-03-06T08:40:51+00:00","description":"This article will show you How to Secure your SSH on your Linux Dedicated Server\u00a0Securing SSH on your Linux Dedicated Server","breadcrumb":{"@id":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/1grid.co.za\/knowledge\/securing-ssh-on-your-linux-dedicated-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/1grid.co.za\/knowledge\/"},{"@type":"ListItem","position":2,"name":"Securing SSH on your Linux Dedicated Server"}]},{"@type":"WebSite","@id":"https:\/\/1grid.co.za\/knowledge\/#website","url":"https:\/\/1grid.co.za\/knowledge\/","name":"1-Grid Domain Hosting Knowledge Base","description":"","publisher":{"@id":"https:\/\/1grid.co.za\/knowledge\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/1grid.co.za\/knowledge\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/1grid.co.za\/knowledge\/#organization","name":"1-Grid Domain Hosting Knowledge Base","url":"https:\/\/1grid.co.za\/knowledge\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/1grid.co.za\/knowledge\/#\/schema\/logo\/image\/","url":"https:\/\/1grid.co.za\/knowledge\/wp-content\/uploads\/2023\/01\/1-grid-logo-color.svg","contentUrl":"https:\/\/1grid.co.za\/knowledge\/wp-content\/uploads\/2023\/01\/1-grid-logo-color.svg","width":100,"height":100,"caption":"1-Grid Domain Hosting Knowledge Base"},"image":{"@id":"https:\/\/1grid.co.za\/knowledge\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/1grid.co.za\/","https:\/\/twitter.com\/1grid_hosting","https:\/\/www.instagram.com\/1grid_hosting\/","https:\/\/za.linkedin.com\/company\/1-grid"]}]}},"_links":{"self":[{"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb\/24270","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/comments?post=24270"}],"version-history":[{"count":2,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb\/24270\/revisions"}],"predecessor-version":[{"id":31479,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb\/24270\/revisions\/31479"}],"wp:attachment":[{"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/media?parent=24270"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb-category?post=24270"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/1grid.co.za\/knowledge\/wp-json\/wp\/v2\/ht-kb-tag?post=24270"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}