-
Notifications
You must be signed in to change notification settings - Fork 259
SSH
The rtinst.sh script makes some configuration changes to ssh. A couple of these have created confusion with some users, so I will explain why the changes were made, and how to revert the changes, if you so choose.
The script assigns a random port between 21000 and 29000. The reason for doing this is to circumvent bot intrusions, which will generally attack the default port 22. Changing the port will not deter a proficient hacker specifically targeting your system, but it will close the default port to countless intrusion attempts from bots.
You can run rtinst.sh using the option -t or --ssh-default to retain port 22 for ssh, but to revert it at another time use the following command, and you can substitute 22 for any port you would rather use:
sudo sed -i "/^Port/ c\Port 22" /etc/ssh/sshd_config
The script disables root login. This means that you cannot connect using SSH directly with root. You can login as a normal user, and switch to root using the su command, or run individual commands as root using sudo.
Connecting as root is not considered good practice, most applications should not be run as root, and logged in as root, you can inadvertently do a lot of damage to your system. Therefore most users will minimise there time as root, and use sudo rather than logging in as root.
If you wish to be able to connect directly as root you can run the following command, ( change yes to no to deny permission) :
sudo sed -i '/^PermitRootLogin/ c\PermitRootLogin yes' /etc/ssh/sshd_config
After making any changes you will need to restart ssh
sudo service ssh restart