Performing Security Hardening on SSH Connections

You can modify configuration files such as ssh_config and sshd_config in /etc/ssh/ or ~/.ssh to harden the security of SSH connections. Do not use the SSHv1 protocol or insecure communication protocol encryption components. Enabling root login poses security risks. For details, see the related OS documents.

You can use public and private keys for SSH login authentication. When using this method, ensure that the algorithm and key lengths meet the security requirements of your organization. For the RSA algorithm, the key length must be greater than or equal to 3,072 bits. Do not set a private key with an empty password. This poses security risks. The length and complexity of the private key password must meet the security requirements of your organization.