A. Replace the port scanning attacks can be prevented to some extent,
vim /etc/ssh/sshd_config
The port a change from 22 high port, and then restart the ssh service
systemctl restart sshd.service
II. Prohibition of the Use root account login, allowing the use of the root account login server is an extremely dangerous act!
vim /etc/ssh/sshd_config
MaxAuthTries 3
#
限制失败次数
PermitRootLogin no
#
禁止使用
root
账号登录
Restart the ssh service
III. Close login password to prevent violent attacks, the use of asymmetric key pairs for authentication
vim /etc/ssh/sshd_config
RSAAuthentication yes # open RSA verification
PubkeyAuthentication yes # whether to use public key authentication
AuthorizedKeysFile .ssh / authorized_keys # save the file public key here is to log .ssh directory under the user's home directory, and can be configured according to their actual situation
PasswordAuthentication no # prohibit the use of password authentication login
IV. Generation