diff --git a/ssh/update-ssh.sh b/ssh/update-ssh.sh
new file mode 100644
index 0000000..750361a
--- /dev/null
+++ b/ssh/update-ssh.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -e
+# Close door! No access for root over SSH!
+#
+# This script is inspired by https://stackoverflow.com/a/49018871
+
+if [[ "${UID}" -ne 0 ]]; then
+ echo "You need to run this script as root"
+ exit 1
+fi
+
+# To directly modify sshd_config (first rule currently disabled)
+
+# sudo sed -i 's/#\?\(Port\s*\).*$/\1 22/' /etc/ssh/sshd_config
+sudo sed -i 's/#\?\(PermitRootLogin\s*\).*$/\1 no/' /etc/ssh/sshd_config
+sudo sed -i 's/#\?\(PubkeyAuthentication\s*\).*$/\1 yes/' /etc/ssh/sshd_config
+sudo sed -i 's/#\?\(PermitEmptyPasswords\s*\).*$/\1 no/' /etc/ssh/sshd_config
+sudo sed -i 's/#\?\(PasswordAuthentication\s*\).*$/\1 no/' /etc/ssh/sshd_config
+
+# Check the exit status of the last command
+
+if [[ "${?}" -ne 0 ]]; then
+ echo "The sshd_config file was not modified successfully"
+ exit 1
+fi
+
+sudo /etc/init.d/ssh restart
+
+exit 0
\ No newline at end of file
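Review bot: The `$?` check after the sed lines cannot catch a failed hardening: under `set -e` a failing sed already ends the script, `$?` reflects only the last sed, and sed exits 0 when its pattern matches nothing, so sshd is restarted and the script exits 0 even if `PermitRootLogin no` or `PasswordAuthentication no` never took effect. That is the case when a directive is absent from `/etc/ssh/sshd_config`, and possibly when an included drop-in file sets the value first, since sshd keeps the first value it reads (whether this host uses includes is not visible here). I would replace the check with `sshd -t` followed by a comparison against the `sshd -T` output, as below, so the restart only happens on a parseable config whose effective values match. The patterns are also unanchored, so they rewrite any line that mentions the keyword, including explanatory comments; starting each with `^#\?` would limit them to the directive lines.

```shell
# … unchanged: root check and the four sed edits …

# Refuse to restart on a config sshd cannot parse.
sshd -t

# sed exits 0 even when nothing matched, so confirm the values sshd will use.
effective="$(sshd -T)"
for want in 'permitrootlogin no' 'pubkeyauthentication yes' \
            'permitemptypasswords no' 'passwordauthentication no'; do
  if ! grep -qxF -- "${want}" <<<"${effective}"; then
    echo "sshd does not report '${want}' as effective; not restarting" >&2
    exit 1
  fi
done

sudo /etc/init.d/ssh restart
```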