Overview
Environment
Preparation
Install Ubuntu & Verify Root Login
Prepare SSH Keys on the Client Side
Server Update
Create a User
Transfer the Public Key to the Server
Configure sshd_config and Open Ports
Verify SSH Connection
Thoughts I often forget, so I'm taking notes. I'll add more if needed. Prepare an Ubuntu server on ConoHa and verify that you can log in as root. Create a private key and a public key. ssh-keygen -t rsa
ssh root@<ip address> sudo apt update && sudo apt upgrade -y Create a user with sudo privileges. adduser <username>usermod -aG sudo <username> Verify if the user belongs to the wheel group.groups <username> ※ Check the list of userscat /etc/passwd Log in as the created user.su <username> Prepare the .ssh directory.mkdir .sshtouch .ssh/authorized_keyschmod 700 .sshchmod 600 .ssh/authorized_keys Paste the public key created on the client side into ./ssh/authorized_keys. Change the SSH settings. sudo vi /etc/ssh/sshd_config Restart SSH.sudo /etc/init.d/ssh restart Continue to open ports. Check port settings.
sudo ufw status Edit the ~/.ssh/config file like this. Verify SSH connection with ssh conoha-demo. I feel like I wrote a similar note when I first touched CentOS. Templates let you quickly answer FAQs or store snippets for re-use. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse
Port 5005 // Change from default 22 to a custom number
PermitRootLogin no // Change from yes to no
PubkeyAuthentication yes // Change from no to yes
PasswordAuthentication no // Change from yes to no
UserPAM no // Change from yes to no
Port 5005 // Change from default 22 to a custom number
PermitRootLogin no // Change from yes to no
PubkeyAuthentication yes // Change from no to yes
PasswordAuthentication no // Change from yes to no
UserPAM no // Change from yes to no
Port 5005 // Change from default 22 to a custom number
PermitRootLogin no // Change from yes to no
PubkeyAuthentication yes // Change from no to yes
PasswordAuthentication no // Change from yes to no
UserPAM no // Change from yes to no
sudo ufw allow 5005
sudo ufw allow 443
sudo ufw default deny // Default setting might be deny...
sudo ufw enable
sudo ufw allow 5005
sudo ufw allow 443
sudo ufw default deny // Default setting might be deny...
sudo ufw enable
sudo ufw allow 5005
sudo ufw allow 443
sudo ufw default deny // Default setting might be deny...
sudo ufw enable
ServerAliveInterval 300
TCPKeepAlive yes
AddKeysToAgent yes
ForwardAgent yes
UseKeychain yes Host conoha-demo Hostname <ip address> User <username> Port 5005 // The custom port number set above IdentityFile ~/.ssh/<pubkey name>
ServerAliveInterval 300
TCPKeepAlive yes
AddKeysToAgent yes
ForwardAgent yes
UseKeychain yes Host conoha-demo Hostname <ip address> User <username> Port 5005 // The custom port number set above IdentityFile ~/.ssh/<pubkey name>
ServerAliveInterval 300
TCPKeepAlive yes
AddKeysToAgent yes
ForwardAgent yes
UseKeychain yes Host conoha-demo Hostname <ip address> User <username> Port 5005 // The custom port number set above IdentityFile ~/.ssh/<pubkey name> - Ubuntu 18.04.2 LTS (Bionic Beaver)
