export MY_USER="my_user"

# Set up firewall
ufw allow OpenSSH
ufw enable

# Disable ssh password login
# sudo nano /etc/ssh/sshd_config
# PermitRootLogin no
# PasswordAuthentication no
# ChallengeResponseAuthentication no
# UsePAM no

# Create non-root user
adduser $MY_USER
usermod -aG sudo $MY_USER

# Enable ssh login
rsync --archive --chown=$MY_USER:$MY_USER ~/.ssh /home/$MY_USER/.ssh

# Fail2ban for SSH
apt install fail2ban

# Restart ssh
sudo systemctl restart ssh