Administering a web server means dealing with a machine that is constantly under attack, and having your server hacked is certainly not a fun experience. So I make an effort to improve security where possible. Here are my quick and dirty notes on securing SSH on a new server.
First, we add a non-root user:
adduser myusername
And set a password for our new user:
passwd myusername
Now we give this user permission to gain root access through sudo. Edit /etc/sudoers with visudo, which checks the syntax before saving:
visudo
And insert the line
myusername ALL=(ALL) ALL
This allows us to disable root login in the sshd config.
vi /etc/ssh/sshd_config
And uncomment the following line, making sure its value is no:
PermitRootLogin no
The change takes effect once the SSH service is restarted.
I also suggest using key-based authentication so you can disable password logins to SSH completely. For more info on doing this, see:
http://www.howtoforge.com/ssh_key_based_logins_putty
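A check for the two sshd_config settings these notes end up with (root login disabled, password logins disabled), as an added example that is not part of the original notes. The function names and the sample config are constructed for illustration.

```sh
#!/bin/sh
# Added example: check an sshd_config for the settings these notes rely on.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and lines after a "Match" line are conditional.

# effective_value FILE KEYWORD DEFAULT -> global value sshd would use
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = "" }
        /^[ \t]*(#|$)/ { next }              # comments and blank lines
        { sub(/[ \t]*=[ \t]*/, " ") }        # accept "Keyword=value" too
        tolower($1) == "match" { exit }      # global section ends here
        tolower($1) == key && val == "" { val = tolower($2) }
        END { print (val == "" ? def : val) }
    ' "$1"
}

# audit_sshd_config FILE -> prints findings; returns 0 only when both are "no"
audit_sshd_config() {
    rc=0
    # Upstream default when unset: prohibit-password since OpenSSH 7.0 ("yes" before)
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    pass=$(effective_value "$1" PasswordAuthentication yes)
    [ "$root" = "no" ] || { echo "FAIL PermitRootLogin=$root (want no)"; rc=1; }
    [ "$pass" = "no" ] || { echo "FAIL PasswordAuthentication=$pass (want no)"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK root and password logins are disabled"
    return "$rc"
}

# Constructed sample: the "no" line is still commented out, so it has no effect,
# and the value inside the Match block only applies to that one user.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
#PermitRootLogin no
PasswordAuthentication no
Match User backup
    PermitRootLogin no
EOF
audit_sshd_config "$sample" || echo "sample config still permits root login"
rm -f "$sample"
```

On a live server, `sshd -t` validates the file before you restart the service, and `sshd -T` prints the effective settings, including any Include files this parser does not follow.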