Initial Server Setup

ssh [email protected]_server_ip

Create a New User

adduser dev

Grant new user sudo priviledges

usermod -aG sudo dev

Add public key authentication

ssh-keygen

Copy public key to server

ssh-copy-id [email protected]_server_ip

OR

On the server

su dev
mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
exit
exit

Now try to connect

Disable Password Authentication

As root or new user open /etc/ssh/sshd_config

set PasswordAuthentication no set PubkeyAuthentication yes set ChallengeResponseAuthentication no

reload ssh daemon

sudo systemctl reload sshd

Setup basic firewall

sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw enable

see if UFW is running

sudo ufw status

Install/configure Fail2Ban

Tags: Note