Secure Shell or with its most know name SSH is a protocol developed to connect IT systems remotely and securely. SSH works as expected client-server architecture. In this post, we will look at various security-related configuration options of the SSH daemon service or sshd. The tutorial about the client-side ssh configuration can be found in the following link.

Secure Shell或其最著名的名称SSH是为远程安全地连接IT系统而开发的协议。 SSH按照预期的客户端-服务器体系结构运行。 在本文中，我们将介绍SSH守护程序服务或sshd的各种与安全性相关的配置选项。 可以在以下链接中找到有关客户端ssh配置的教程。

Ssh generally works as a service or daemon. This service starts by reading some configure file about the service. This configuration file is located at /etc/ssh/sshd_config . In most Linux distributions the file is used as startup-config. In order to modify the configuration file, we need root privileges.

SSH通常用作服务或守护程序。 该服务首先读取有关该服务的一些配置文件。 该配置文件位于/etc/ssh/sshd_config 。 在大多数Linux发行版中，该文件用作启动配置。 为了修改配置文件，我们需要root特权。

Some rules require comments about them. Comments are created with # lines. Comments have no effect on the SSH configuration.

一些规则要求对其进行注释。 用＃行创建注释。 注释对SSH配置无效。

After ssh configuration file changes ssh service or daemon should be restart to take effect new configuration. There are different ways to restart ssh service but the most global way to restart ssh daemon is using systemctl command like below.

ssh配置文件更改后，应重新启动ssh服务或守护程序以使新配置生效。 有多种方法可以重新启动ssh服务，但最全局的重新启动ssh守护程序的方法是使用systemctl命令，如下所示。

If the ssh is not used and we have direct access to the system stopping ssh service is a more secure choice. We will stop ssh service with systemctl command.

如果不使用ssh并且我们可以直接访问系统，则停止ssh服务是一个更安全的选择。 我们将使用systemctl命令停止ssh服务。

After configuration changes we restart the ssh service but how can be sure it is working. There are different ways but the most appropriate way is using systemctl to ge