sudo useradd -m -s /bin/bash alice
sudo passwd alice
Add user to wheel (sudo) group
sudo usermod -aG wheel alice
visudo
# uncomment the wheel line
%wheel ALL=(ALL) ALL
su - alice
sudo cp -r /home/ubuntu/.ssh .ssh
sudo chown -R alice:alice .ssh
sudo pacman -S openssh
sudo vim /etc/ssh/sshd_config
sudo sshd -t
sudo systemctl enable sshd.service
sudo systemctl restart sshd.service
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin no
PermitEmptyPasswords no
Port 1234 # pick a random port
AllowUsers alice # only allow alice to ssh
sudo pacman -S fail2ban
sudo vim /etc/fail2ban/jail.conf
sudo systemctl enable fail2ban.service
sudo systemctl start fail2ban.service
ignoreip = 127.0.0.1/8 ::1
[sshd]
enabled = true
sudo pacman -S ufw
sudo systemctl enable ufw.service
sudo systemctl start ufw.service
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22
sudo ufw enable
sudo ufw status
sudo netstat -tulpn
https://gist.github.com/miguelmota/45cf5254b870eeaf2e925b4d7fcfceb2