Root account access warning
Add the following to the top of the file
/root/.bashrcand you will be informed by email when the root account is being accessed.
echo -e "Root Shell Access on `tty` \n `w`" | mail -s "Alert: Root Access" firstname.lastname@example.org
You are also required to add the captioned line at the sudoers' .bashrc file.
echo -e "Sudoer Shell Access on `tty` \n `w`" | mail -s "Alert: Sudoer Access" email@example.com
The official port of SSH is 22. You can change it to any port that between 1024 and 65535. You can do it at the router or firewall and you can do it at the configure file of SSH at
/etc/ssh/sshd_config. You are recommended to disable the root account login via SSH even you are using Ubuntu.
sudo /etc/init.d/sshd restart
Block all failed attempts
You are also required to install Fail2Ban in order to block all several time failed attempts.
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install fail2ban
Change the setting at
Restart the fail2ban after the changes.
sudo /etc/init.d/fail2ban restart
Finally, enable firewall and only allow necessary ports to be access.
That's all! See you.