โ All Guides
๐
How to Secure Exposed SSH
Harden your SSH server
Port 22 ยท Network
Step 1.Disable password auth
Use key-based authentication only.
# /etc/ssh/sshd_config PasswordAuthentication no
Step 2.Change default port
Move SSH to a non-standard port to reduce brute force attempts.
# /etc/ssh/sshd_config Port 2222
Step 3.Install fail2ban
Automatically ban IPs after failed login attempts.
sudo apt install fail2ban
Step 4.Disable root login
Prevent direct root SSH access.
# /etc/ssh/sshd_config PermitRootLogin no
After fixing:Use our Self-Check Tool to verify the port is no longer exposed.