Config Files
          
          
            ~/.ssh/*, /etc/ssh/ssh_config, and /etc/ssh/sshd_config
          
          
            There are no required changes to any of these files. However, you
            may wish to view the /etc/ssh/
            files and make any changes appropriate for the security of your
            system. One recommended change is that you disable root login via ssh. Execute the following
            command as the root user to
            disable root login via
            ssh:
          
          
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
          
            If you want to be able to log in without typing in your password,
            first create ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub with
            ssh-keygen and then
            copy ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys on the remote
            computer that you want to log into. You'll need to change
            REMOTE_USERNAME and REMOTE_HOSTNAME for the username and hostname
            of the remote computer and you'll also need to enter your
            password for the ssh-copy-id command to succeed:
          
          
ssh-keygen &&
ssh-copy-id -i ~/.ssh/id_rsa.pub REMOTE_USERNAME@REMOTE_HOSTNAME
          
            Once you've got passwordless logins working it's actually more
            secure than logging in with a password (as the private key is
            much longer than most people's passwords). If you would like to
            now disable password logins, as the root user:
          
          
echo "PasswordAuthentication no" >> /etc/ssh/sshd_config &&
echo "ChallengeResponseAuthentication no" >> /etc/ssh/sshd_config
          
            If you added Linux-PAM support
            and you want ssh to use it then you will need to add a
            configuration file for sshd and
            enable use of LinuxPAM. Note,
            ssh only uses PAM to check passwords, if you've disabled password
            logins these commands are not needed. If you want to use PAM,
            issue the following commands as the root user:
          
          
sed 's@d/login@d/sshd@g' /etc/pam.d/login > /etc/pam.d/sshd &&
chmod 644 /etc/pam.d/sshd &&
echo "UsePAM yes" >> /etc/ssh/sshd_config
          
            Additional configuration information can be found in the man
            pages for sshd,
            ssh and
            ssh-agent.