sudo apt-get install openssh-server && sudo apt-get install ufw
sudo ufw enable && sudo ufw logging on && sudo ufw default deny
sudo gedit /etc/ssh/sshd_config
Never, ever give root access to SSH unless you have an extremely good reason for doing so. If an attacker happens to discern your root password, he or she will have total remote control over your system. By denying root login permission through SSH, you can provide an effective block to that danger.
The Port directive also specifies which TCP/IP port the SSH daemon uses to listen for SSH requests. The default port is 22, and you may want to change that, especially if your machine is accesible on the Internet. Many malware bots use port 22 for default SSH attack attempts, and by changing your port number you can stop at least some of the automated cracking attempts.
remove “#” @
sudo ufw allow (port number)
more command reference here: https://wiki.ubuntu.com/UbuntuFirewall
sudo /etc/init.d/ssh restart