• Understand SSH and Its Risks
• Change the Default SSH Port
• Disable Root Login
• Use SSH Keys Instead of Passwords
• Enable Firewall on AlmaLinux
• Keep Your System Updated
• Monitor Login Attempts
• Conclusion

Securing SSH on AlmaLinux 9.4 is crucial for protecting your server from unauthorized access. With the rise in cyber threats and malicious attacks, implementing strong security measures is not just advisable but necessary. In this article, we’ll explore effective strategies to enhance the security of your SSH configuration.

Understand SSH and Its Risks

SSH, or Secure Shell, is a protocol used to securely connect to remote computers. It plays a vital role in managing servers remotely. However, if not configured properly, it can become a target for hackers, exposing your data and server to compromise. Thus, understanding the associated risks is the first step towards securing your SSH configuration on AlmaLinux 9.4.

Change the Default SSH Port

One immediate action you can take is to change the default SSH port from 22 to a non-standard port. This can reduce the volume of automated attacks since many bots target the default port.

To change the SSH port, follow these steps:

1. Edit SSH Configuration: Open the SSH configuration file:

   sudo vi /etc/ssh/sshd_config
   

2. Modify the Port: Look for the line that says #Port 22 and change it to a different number, such as Port 2222.
3. Restart SSH Service: After saving your changes, restart the SSH service:

   sudo systemctl restart sshd
   

Disable Root Login

Allowing root login via SSH can be a significant security risk. Instead, it’s better to create a user account with sudo privileges.

1. Create a New User:

   sudo adduser username
   sudo passwd username
   

2. Grant Sudo Privileges: Add the user to the wheel group for admin rights:

   sudo usermod -aG wheel username
   

3. Disable Root Login: Open the SSH configuration file and find the line that says:

   PermitRootLogin yes
   

   Change it to:

   PermitRootLogin no
   

Use SSH Keys Instead of Passwords

Using SSH keys is more secure than using passwords, as they are much harder to crack. Here’s how to set it up:

1. Generate SSH Key Pair: On your local machine, run:

   ssh-keygen -t rsa -b 4096
   

   Follow the prompts to save the key in the default location.

2. Copy the Public Key to the Server:

   ssh-copy-id username@your_server_ip
   

3. Disable Password Authentication: In the SSH configuration file, locate the following lines and make these changes:

   PasswordAuthentication no
   PubkeyAuthentication yes
   

Enable Firewall on AlmaLinux

Utilizing a firewall adds an additional layer of security. AlmaLinux uses firewalld by default, which is easy to configure. To enable the firewall and allow your SSH port:

1. Start and Enable the Firewall:

   sudo systemctl start firewalld
   sudo systemctl enable firewalld
   

2. Allow the Custom SSH Port:

   sudo firewall-cmd --zone=public --add-port=2222/tcp --permanent
   sudo firewall-cmd --reload
   

Keep Your System Updated

A strong security posture involves keeping your system up to date. Regularly updating your AlmaLinux server can help patch vulnerabilities. To do this, run:

sudo dnf update

Monitor Login Attempts

Monitoring SSH login attempts can help you detect suspicious activities. Using tools like fail2ban, you can automatically block IP addresses that show malicious behavior.

1. Install Fail2ban:

   sudo dnf install fail2ban
   

2. Start and Enable Fail2ban:

   sudo systemctl start fail2ban
   sudo systemctl enable fail2ban
   

Conclusion

Implementing these strategies will significantly enhance the security of your SSH connections on AlmaLinux 9.4. Regularly review and update your security measures to keep up with evolving threats. By prioritizing security, you protect not only your server but also the data it holds.

Following these steps will provide a robust framework for minimizing risks associated with SSH access while fostering a safer environment for your server and applications.