The Secure Shell (SSH) provides protected, encrypted communication with other systems. As SSH is an entry point into the system, it's considered good security practice to disable it if it's not required.

You can edit the /etc/ssh/sshd_config file to restrict local access to the root user and remote access to certain users and groups by configuring the settings. You can also configure settings in the /etc/ssh/sshd_config file so that the SSH client automatically times out after of period of inactivity.

Disabling password-based authentication for SSH and to requiring public key authentication instead is considered good security practice. By doing this, you can limit access to users who own an authorized private key.

After making any changes to the configuration file, you must restart the sshd service for the changes to take effect.

For more information, see Oracle Linux: Connecting to Remote Systems With OpenSSH and the sshd_config(5) manual page.