Dies ist eine alte Version des Dokuments!
Based on: https://community.hetzner.com/tutorials/securing-ssh
StrictHostKeyChecking no kein Key Checking in config
Include /etc/ssh/sshd_config.d/*.conf Port 22 MaxAuthTries 2 AllowTcpForwarding no X11Forwarding no AllowAgentForwarding no # root login verbieten= no PermitRootLogin yes ClientAliveInterval 300 ClientAliveCountMax 1 PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no PrintMotd no AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server
Einstellungen testen:
sshd -t
systemctl restart sshd
Fail2Ban:
apt install fail2ban
systemctl enable fail2ban
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local