Want to increase the security of SSH access to your RPI?
Want to discourage someone trying to access your RPI?
Stay tuned and I will give you 4 ways to do this
⏱️TIMESTAMPS⏱️
0:00 – Intro
0:52 – What we will be covering
1:12 – Changing SSH Port number
4:40 – Disabling root/Pi access to SSH
7:47 – Restrict by Subnet
1. Change Default SSH Port
1. sudo cp /etc/ssh/sshd_config sshd_config.bak
2. sudo nano /etc/ssh/sshd_config
3. Look for line that says port 22
4. Remove # from the front of the line if present
5. Change it to 8022 or something else
6. Safe file and exit nano
7. service sshd restart
2. Create new user for remote access
1. adduser username (replace with actual username)
2. usermod -aG sudo username (replace with actual username)
3. SSH to RPI and test new account
3. Disable root access to SSH login
1. sudo cp /etc/ssh/sshd_config sshd_config.bak2
2. sudo nano /etc/ssh/sshd_config
3. Look for PermitRootLogin yes
4. Change it to PermitRootLogin no
5. Look AllowUsers and add new remote account
6. sudo service ssh restart
7. Open new terminal and login with new remote account
8. Once that works, close out the root terminal session
4. Restrict access to internal subnet
1. sudo cp /etc/ssh/sshd_config sshd_config.bak2
2. sudo nano /etc/ssh/sshd_config
3. Look for AllowUsers line you previously added user to
4. Change it to AllowUsers username@10.0.1.*
5. Change 10.0.1.x to the ip address range you are using
6. * is a wildcard to allow any host in the range to access host
Reference articles
https://linuxize.com/post/how-to-create-a-sudo-user-on-debian/
https://unix.stackexchange.com/questions/406245/limit-ssh-access-to-specific-clients-by-ip-address
https://man.openbsd.org/sshd_config
================================================
*** Show Notes, Links and Resources ****
Here are the items mentioned in this video –
CanaKit Raspberry Pi 4 2GB Basic Starter Kit with Fan (2GB RAM)
https://amzn.to/35QBB8I
———————————–
Click on this link to get the
SmartHome Account Creation Checklist
http://eepurl.com/go4fVP
➥➥➥ SUBSCRIBE FOR MORE VIDEOS ➥➥➥
Never miss a video about creating your own smart home
Subscribe ⇢ http://ronaldnutter.com/subscribe
To listen to an audio version of this episode while driving, TechBytes with Ron Nutter is available on iTunes, Google Podcasts, Stitcher and TuneIn. Go to TechByteswithRonNutter.com to subscribe today!
To subscribe to the TechbytesRN newsletter, click here – http://ronaldnutter.com/sample1
In return for subscribing to the newsletter, I will send you a chapter from my first DIY Smart Home Guide Book.
Visit http://www.ronaldnutter.com to see all the books Ron has written
DISCLAIMER: This video and description contains affiliate links, which means that if you click on one of the product links, I’ll receive a small commission. This helps support the channel and allows me to continue to make videos like this. Thank you for the support!
*===============================*
Become a Patreon supporter
https://www.patreon.com/techbytesrn
*===============================*
#TechBytesRN #smarthome #RPI #SSH
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | TuneIn | RSS