I would recommend to have following minimum procedures in place to protect Linux VMs over internet. Never share root password to individuals (VM users) Only give root access to individuals through sudo list (if required). VM root password must be strong…