Administering a web server means dealing with a server that is literally constantly under attack. And having your server get hacked is certainly not a fun experience. So I make an effort to improve security where possible. Here are my quick and dirty notes on securing SSH on a new server.
First, we add a non-root user:
And set a password for our new user:
Now we give this user permission to gain root access.
And insert the line
myusername ALL=(ALL) ALL
This allows us to disable root login in the sshd config.
And uncomment the following line.
I also suggest using key based authentication so you can disable password logins to ssh completely. For more info on doing this, go to :