A second way to tighten up remote SSH access is to use public-key authentication. This protects your system passwords because you authenticate with a cryptographic key, instead of using a login/password. (See Resources to learn how to do this.) In addition to disabling root logins, you should also disable password authentication with this line in /etc/ssh/sshd_config:

PasswordAuthentication no

Now you can sit back and laugh at brute-force SSH attacks, because they simply won't work.

Next: Why Remote Administration? »