13,420
edits
Changes
no edit summary
# Even better, it is possible to restrict access to just specific users that require it:<br>Edit the file '''/etc/ssh/sshd_config''' and add a new option of <b><code><span style="color:#3366CC;font-size:1.2em;">AllowUsers account</span></code></b> using '''your''' login account for account<br>
# In order for these changes to take affect, you need to restart the sshd daemon. Issue the following command to restart the '''sshd''' service:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">systemctl restart sshd</span></code></b>
# Try sshing SSHing from your '''c7host''' VM to your '''centos1''' VMas '''root'''. Where you successful? Would Now try SSHing from your c7host VM to your centos1 VM as a regular user that was permitted to connect via ssh. Did it work if you let "AllowUsers account" without a username, or a non-existent username? Do What would happen for other user accounts that were not do this for your machine!permitted?# Next change , let us "fool" potential penetration testers by changing the default port number that sshd uses (TCP:from port 22)to port 2200.
# Edit the '''/etc/ssh/sshd_config''' file again, un-comment the port option and change the '''port number''' it uses from ''22'' to <b><code><span style="color:#3366CC;font-size:1.2em;">2200</span></code></b>.
# <u>Restart</u> the service.
