BuycPanel Blog

BuycPanel Blog

Latest news and updates

How do you Secure SSH in cPanel?

Posted by Allura on 17 08 2018.

General overview
SSH in cPanel enlists various helpful changes which can be made to a server in order to bring about an improvement in the SSH security. For securing your server, it is highly recommended to confine and configure the SSH access properly.

Steps to secure SSH

 	Be cautious before granting SSH access to someone

Make sure you never grant access of SSH to any user who does not need to. For removing the SSH access for a particular user, make use of ‘How to secure SSH access’ at WHM’s interface. This is done by WHM>> Home>> Account Functions>> Manage Shell Access. It is recommended to give a confined, in other words, a jailed environmental access to those users who do not essentially need SSH access, yet need to access the files in their directory home page.

 	Setting an SSH legal message

You can set an SSH legal message which will be displayed by…

General overview

SSH in cPanel enlists various helpful changes which can be made to a server in order to bring about an improvement in the SSH security. For securing your server, it is highly recommended to confine and configure the SSH access properly.

Steps to secure SSH

  1. Be cautious before granting SSH access to someone

Make sure you never grant access of SSH to any user who does not need to. For removing the SSH access for a particular user, make use of ‘How to secure SSH access’ at WHM’s interface. This is done by WHM>> Home>> Account Functions>> Manage Shell Access. It is recommended to give a confined, in other words, a jailed environmental access to those users who do not essentially need SSH access, yet need to access the files in their directory home page.

  1. Setting an SSH legal message

You can set an SSH legal message which will be displayed by the system, the moment someone tries logging in to your server via SSH. Make use of a text editor for editing the /etc/ motd file for setting a message and then save it.

  1. Use the SSH keys

You can make certain changes in the server which will force users to access your SSH through keys instead of a password. For instance, you can disable the authentication of password from the SSH server. For doing this:

  • Use ‘how to secure SSH’ at WHM’s interface for generating and downloading a key ideally for a root user.
  • Make use of WHM interface’s ‘SSH password authorization tweak’ to disable the password.
  1. Strengthening SSH security

Certain changes ought to be made in the /etc/ SSH/ SSHD_ configuration file which consists of the configuration settings in the server. The alterations must be made essentially in the

  1. Port
  2. Protocol
  3. Listen address
  4. Permit root login
  5. Editing the SSHD_ configuration file

 

For executing the above statement, follow the given steps:

  • Use the SU command after logging in to the server for becoming the root user.
  • With the subsequent command, back up SSHD_ configuration file – cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak`date +%F`
  • Open the aforementioned file with the help of text editor.
  • For changing a certain parameter in the file, uncomment the line containing the parameter.
  • After configuring SSH, start running the /scripts/restart_sshdscript or the service sshd restart command for restarting the SSH daemon.