Remote access for Linux (Debian based) system

  • If a user has to access multiple recourse use remote access VPN

If you must use SSH externally:

  • Use non-default port TCP p̵o̵r̵t̵ ̵2̵2̵
    • Change SSH Configurations
      “sudo nano /etc/ssh/sshd_config”

Change the SSH port number to 6111:

  • Use a single source address
    • If not possible. Block to single ISP

      Block using UFW:
      Create a Unix-formatted list of IPs
      Upload file using FileZilla
      Run “while read line; do ufw allow from $line to any port 6111 proto tcp; done < ISP_LMT_Tele2_List.txt”
      To delete SSH old rule in UFW run “sudo ufw status numbered”
      and “ufw delete 292” or Deletes rules from 100 to 200 for i in {200..100};do yes|sudo ufw delete $i;done
    • If that’s not viable Geo block
      • To protect SSH use Fail2Ban

Leave a Reply

Your email address will not be published. Required fields are marked *