by Garrett Hyde / @GarrettHyde
If you have any questions, don't hesitate to ask
“Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense–style mandatory access controls (MAC).”
If at first you don't succeed, put SELinux in permissive mode.
$ sudo setenforce [ Enforcing | Permissive | 1 | 0 ]
$ getenforce
/etc/selinux/config
$ sudo vi /etc/ssh/sshd_config
Port 2222
$ sudo systemctl restart sshd
$ ssh-keygen -b 4096 -t rsa -f ~/.ssh/id_rsa -C "My first SSH key"
$ ssh-copy-id -i ~/.ssh/id_rsa.pub username@linux-host.local
$ sudo vi /etc/ssh/sshd_config
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitRootLogin no
$ sudo systemctl restart sshd
$ sudo systemctl [ start | stop ] firewalld
$ sudo systemctl [ enable | disable ] firewalld
$ sudo firewall-cmd --zone=public --add-port=2222/tcp --permanent
$ sudo firewall-cmd --zone=public --remove-port=22/tcp --permanent
“Passwords are like underwear; you don’t let people see it, you should change it very often, and you shouldn’t share it with strangers.” -- Chris Pirillo