SSHD Best Practices
Posted by on 26 September 2016 11:28 AM


  • deny all, permit by exception (iptables or tcpwrappers, AllowUsers)
  • never log into sshd as root (PermitRootLogin no)
  • use strongly passworded ssh keys instead of password auth (PasswordAuthentication no)
  • remove temporary accounts, such as those used by 3rd party support companies
  • change any passwords used by 3rd party support users
  • never reuse passwords
  • rotate passwords periodically, if you use them
  • rotate ssh keys periodically
  • use WHM >> Configure Security Policies
  • configure a remote syslog server. that way if you do get hacked, you still have logs safely stored at another location


(0 vote(s))
Not helpful

Comments (0)
Post a new comment
Full Name:
CAPTCHA Verification 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).