Protecting SSH

How to protect SSH in CentOS Linux Servers

This video tutorial series will show you how to make SSH access to a CentOS Linux server more secure.

With these tutorials, you will learn:

• How to create a new user, granted with proper (administrative) privileges, to side-step using root user credentials
• How to change the SSH port
• How to create and use SSH Keys with PuTTY

In this video, you will learn:

How to Create a New User to Protect SSH on CentOS

1. To create a new user, open the terminal and at the command prompt, type useradd username, where username is the name of your choice. In this tutorial, it is demoroot.
2. To set the password for the new user type passwd username, press Enter and type your chosen password. Press enter and then retype it.
3. Then, at the command prompt, type visudo and press Enter. This opens a text editor and validates the syntax of the file upon saving, preventing configuration errors from blocking sudo, or “substitute user do,” operations.
4. On the screen, you will see examples of commands for delegating access by particular groups or users to specific areas, without them needing to use the root password. Scroll down the screen and just below user MACHINE COMMANDS, locate the root ALL=(ALL) ALL line. With your cursor on that line, press the Insert key. This will allow you to type a command.
5. Type: [the desired username] ALL=(ALL) ALL, and press the Esc key.
6. Then, type :w and press Enter to save the file.
7. To exit the editor, type :q and press Enter.
8. After the last step, you can use your newly created user to accomplish administrative tasks on the server. Type logout at the command prompt to logout root user from the server and login as the new user, with the associated password.

Be sure to see the next video in this series: How to Change the Default SSH Port