I came across invaluable article on how to make Linux system that runs OpenSSH server to be even more secure. It’s written by 17-year-old (!!!) Peter Upfold from FOSSwire and covers the following simple steps:
Disable SSH protocol 1- Enable key-based logins
- Don’t enable password-based logins
- Don’t run on port 22
- No remote root logins
I found these tips invaluable and sire that there is no doubt SSH-2 protocol remains the most common and safe method to access remote Linux or Unix system. The article is freely available here.
You might also be interested in running denyhosts to make sure that even normal accounts don’t get bruteforced. And while running on a non-standard port will save you from bots and worms, a dedicated would-be intruder will be fingerprinting all your ports for service banners anyway.