2024-03-13 09:09:02 +00:00
|
|
|
export MY_USER="my_user"
|
|
|
|
|
|
|
|
# Set up firewall
|
|
|
|
ufw allow OpenSSH
|
|
|
|
ufw enable
|
|
|
|
|
|
|
|
# Disable ssh password login
|
|
|
|
# sudo nano /etc/ssh/sshd_config
|
|
|
|
# PermitRootLogin no
|
|
|
|
# PasswordAuthentication no
|
|
|
|
# ChallengeResponseAuthentication no
|
|
|
|
# UsePAM no
|
2024-08-26 14:56:25 +00:00
|
|
|
|
|
|
|
# Create non-root user
|
|
|
|
adduser $MY_USER
|
|
|
|
usermod -aG sudo $MY_USER
|
2024-03-13 09:09:02 +00:00
|
|
|
|
|
|
|
# Enable ssh login
|
2024-08-26 14:56:25 +00:00
|
|
|
rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER/.ssh
|
2024-03-13 09:09:02 +00:00
|
|
|
|
|
|
|
# Fail2ban for SSH
|
2024-08-26 14:56:25 +00:00
|
|
|
apt install fail2ban
|
|
|
|
|
|
|
|
# Restart ssh
|
|
|
|
sudo systemctl restart ssh
|
|
|
|
|