How to secure an SSH server in Ubuntu - steps

Securing an SSH server in Ubuntu 

    Securing an SSH server in Ubuntu is essential to protect your server from unauthorized access and attacks. Here are some detailed steps to secure an SSH server in Ubuntu:

1. Disable root login: By default, the root user can log in via SSH, which makes it an easy target for attackers. Therefore, it's recommended to disable root login and use a regular user account for SSH access.

    a. Login to the server as a regular user and switch to root user using "sudo su".     b. Edit the sshd_config file using the command "nano /etc/ssh/sshd_config".     c. Find the line "PermitRootLogin yes" and change it to "PermitRootLogin no".     d. Save the changes and restart the ssh service using the command "sudo service ssh restart".

2. Use SSH keys: Using SSH keys instead of passwords provides stronger security and protection against brute-force attacks.

    a. Generate a key pair on your local machine using the command "ssh-keygen".     b. Copy the public key to the server using the command "ssh-copy-id user@server". This command will prompt you to enter the password for the user account on the server. After that, it will copy the public key to the server's authorized_keys file.     c. Disable password authentication in the sshd_config file by changing the "PasswordAuthentication yes" line to "PasswordAuthentication no".     d. Save the changes and restart the ssh service.

3. Use a firewall: A firewall can help protect your server from unauthorized access by blocking traffic from untrusted sources.

    a. Install and enable a firewall like ufw using the command "sudo apt-get install ufw && sudo ufw enable".     b. Allow incoming SSH connections using the command "sudo ufw allow ssh".     c. Restrict incoming SSH connections to specific IP addresses using the command "sudo ufw allow from <IP_address> to any port ssh". Replace <IP_address> with the actual IP address you want to allow.     d. Verify the firewall rules using the command "sudo ufw status".

4. Enable two-factor authentication: Two-factor authentication adds an extra layer of security by requiring a second form of authentication in addition to the SSH key.

    a. Install and configure a two-factor authentication tool like Google Authenticator using the command "sudo apt-get install libpam-google-authenticator".     b. Run the command "google-authenticator" to generate a QR code and a secret key.     c. Configure the sshd_config file to enable two-factor authentication by adding the following lines: AuthenticationMethods publickey,keyboard-interactive ChallengeResponseAuthentication yes     d. Save the changes and restart the ssh service.

5. Keep the system up to date: Regularly updating the system and the installed software is important to ensure that you have the latest security patches and improvements.

    a. Use a package manager like apt to manage software updates and ensure that all installed software is up to date.

    By following these steps, you can significantly improve the security of your SSH server in Ubuntu and reduce the risk of unauthorized access or attacks.