The SSH Server module allows for configuration of the Secure Shell Daemon service in ClearOS.
If your system does not have this app available, you can install it via the Marketplace.
You can find this feature in the menu system at the following location:
You can customize the port, whether password authentication to SSH access is allowed, and whether or not root is allowed to log in.
The root account is the most sought after and the most common account to try and hack. Disabling root login lets you still log in as regular users but then requires those users to switch user (su) or use privilege escallation (sudo) for all root commands on the system. This is considered best practice and we highly recommend it.
Changing the port is a good idea because hackers will know to try port 22 for SSH and it is typically the first place they try. If you change the port, be sure to select a port that is not in use by another protocol on the system. (Valid range theoretically range from 0-65535)
By turning off password authentication you tell your system that you will use key based authentication. This is typically considered stronger authentication than passwords.