Lockdown Ubuntu Server Login

In this guide, I will show you how to lockdown your login for Ubuntu Server 20.04 by changing the SSH Port, enabling the firewall, and disabling password authentication.

Setup SSH Keys and ensure they work before following this guide.

First, we need to allow the SSH port that we are going to use through the firewall. In this guide, I will use Port 7070. The default SSH Port is 22 which is commonly used, and easy to guess and exploit.

sudo ufw allow 7070

Now we can edit our ssh configuration. First we need to use nano to edit the config file.

sudo nano /etc/ssh/sshd_config

Now, make the following modifications in your config file.

Port 7070 AddressFamily inet PermitRootLogin no PasswordAuthentication no PermitEmptyPasswords no

Use CTRL-X to exit, Y to save, and press the Enter key. Now we are going to restart our SSHD Service.

sudo systemctl restart sshd

Now test and ensure everything works, then we can enable the firewall.

sudo ufw enable

Do not close out of your SSH session. Open a new SSH session and ensure you can SSH into the server.

Back to Ubuntu Guides

Add a comment