as always… you should tweak your /etc/ssh/sshd_config for security

only allow password auth temporarily and only use public-key auth. it is easy to setup and no brute-force attack in this world can hack your server.

when you start to edit:

vim /etc/ssh/sshd_config
# tweak save quit
# and restart sshd
systemctl restart sshd

you SHOULD stay logged in, open a second terminal and test if your settings actually work.

DO NOT CLOSE THE CURRENT SESSION!

or you might NOT get back in and need a service-technician to attach a KVM-console (like the LanTronix Spider Duo) to your server or reset your root password X-D

also: DON’T

change this to no:

PermitTTY yes

or you will get:

PTY allocation request failed on channel 0

and can not login.

nothing really usefull in the logs.

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin