I came across an article that has a few simple steps on how to secure SSH. I think they’re good tips and wanted to pass them on.
Here’s a quick summary:
1. Disable root logins
2. Disable keyboard interactive logins
3. Enforce password-protected keys (this one has been edited and doesn’t really apply)
4. Blacklist with DenyHosts
5. Change the port number
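
As an added example (not from the linked article or this post), here is a small POSIX shell check that reads an sshd_config and reports which of items 1, 2 and 5 are still open. The function names and the sample config are constructed for illustration; items 3 and 4 live outside sshd_config and are not checked.

```shell
#!/bin/sh
# Added example: audit an sshd_config against items 1, 2 and 5 of the list.

# Print each value set for keyword(s) $2 ("a|b" for aliases) in the global
# part of file $1. Keywords are case-insensitive; "Key=Value" is accepted.
sshd_values() {
    awk -v want="$2" '
        /^[ \t]*(#|$)/ { next }                       # comments, blank lines
        { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }
        tolower($1) == "match" { exit }               # Match blocks: not audited
        tolower($1) ~ ("^(" tolower(want) ")$") { print tolower($2) }
    ' "$1"
}

# sshd uses the first value it reads; $3 is the default when none is set.
sshd_first() {
    v=$(sshd_values "$1" "$2" | sed -n 1p)
    printf '%s\n' "${v:-$3}"
}

# Print one FAIL line per unmet item; exit status = number of failures.
audit_sshd() {
    fails=0
    [ "$(sshd_first "$1" PermitRootLogin prohibit-password)" = no ] ||
        { echo "FAIL 1: root login is not disabled"; fails=$((fails + 1)); }
    # ChallengeResponseAuthentication is the deprecated alias of the same switch.
    kbd='KbdInteractiveAuthentication|ChallengeResponseAuthentication'
    [ "$(sshd_first "$1" "$kbd" yes)" = no ] ||
        { echo "FAIL 2: keyboard-interactive login is enabled"; fails=$((fails + 1)); }
    # Port may be given several times; sshd listens on every one of them.
    case " $(echo $(sshd_values "$1" Port)) " in
        "  " | *" 22 "*) echo "FAIL 5: sshd still listens on port 22"; fails=$((fails + 1)) ;;
    esac
    return "$fails"
}

# Constructed sample config (not from the page): items 1 and 5 done, item 2 not.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 2222
PermitRootLogin no
#KbdInteractiveAuthentication no
EOF
audit_sshd "$sample" || echo "$? item(s) still open"
rm -f "$sample"
```

Saving the output of `sshd -T` to a file and passing that file to `audit_sshd` checks the effective configuration rather than a single config file.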
To make reading logs easier, I also have a firewall filter that limits those brute-force SSH attacks that are so prevalent on the web. I should probably write a more detailed doc on it, but here’s a link to a discussion where I briefly explained filtering SSH attacks with iptables.