Book Image

Banana Pi Cookbook

By : Ryad El-Dajani
Book Image

Banana Pi Cookbook

By: Ryad El-Dajani

Overview of this book

Table of Contents (13 chapters)

Securing SSH using SSH keys

You can use SSH over the Internet by opening a port in your router configuration just as it is demonstrated in the Synchronizing files over the Internet recipe. When doing so, your Banana Pi's SSH server is accessible over the Internet. This means that everybody is able to log in to your Banana Pi. This is especially risky if you have not changed the default password.

There are several methods to improve the security of your SSH server on the Internet. The three most used methods are:

  • You use a different port. For example, you could use port 22222 instead of the default 22. This will keep away a lot of potential attackers using superficial port scanners.

  • You disable the password login to your SSH server by using SSH keys as the authentication method.

  • You disable the possibility to log in as root by setting the variable PermitRootLogin to no in the /etc/ssh/sshd_config file.

In this recipe, we are going present the second method. Thus, we generate SSH keys and disable...