Install Cent OS 7.7 on Sakura VPS and start from a clean state.
yum -y update
ssh [email protected]
adduser hogehoge
passwd hogehoge
cd ../
chmod 700 hogehoge
mkdir .ssh
cd .ssh
ssh-keygen -t rsa
Enter file in which to save the key (/Users/aya/.ssh/id_rsa): hogehoge #Name of any key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
The passphrase is optional, but don't forget it. You now have two files, "hogehoge_rsa" and "hogehoge_rsa.pub".
scp hogehoge.pub [email protected]:~
ssh [email protected]
ls
#hogehoge_rsa.Confirm that pub exists.
mkdir .ssh
chmod 700 .ssh
mv hogehoge_rsa.pub .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Editing sshd_config
su
vi /etc/ssh/sshd_config
#Port 22
↓
Port xxxx
The port number should be 1024 or higher, preferably 49513 to 65535. This time, "49513" is used.
Prevent you from logging in as root
#PermitRootLogin yes
↓
PermitRootLogin no
Public key authentication settings.
#PubkeyAuthentication yes
↓
PubkeyAuthentication yes
Disable login with password
PasswordAuthentication yes
↓
PasswordAuthentication no
If you change it so far, save it.
systemctl restart sshd.service
Rewrite port
vi /usr/lib/firewalld/services/ssh.xml
port protocol="tcp" port="22"/Rewrite "22" to "49513".
Firewall restart
systemctl reload firewalld.service
ssh [email protected] -i ~/.ssh/hogehoge_rsa -p 49513
vi ~/.ssh/config
Host ops
Hostname xxx.xxx.xxx.xxx
User hogehoge
Port 49513
IdentityFile ~/.ssh/hogehoge_rsa
IdentitiesOnly yes
ssh hogehoge
I referred to this article. https://qiita.com/sugasaki/items/a297f0404bd5fe0d818a