{"id":35009311,"url":"https://github.com/torshin5ergey/roadmapsh-ssh-remote-server-setup","last_synced_at":"2026-03-17T17:34:09.998Z","repository":{"id":290789409,"uuid":"975498964","full_name":"torshin5ergey/roadmapsh-ssh-remote-server-setup","owner":"torshin5ergey","description":"This is my solution to the SSH Remote Server Setup project in the DevOps roadmap from roadmap.sh","archived":false,"fork":false,"pushed_at":"2025-04-30T14:35:53.000Z","size":2,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-30T15:51:51.316Z","etag":null,"topics":["apt","fail2ban","linux","openssh-server","ssh","ubuntu"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/torshin5ergey.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-30T12:15:32.000Z","updated_at":"2025-04-30T14:40:27.000Z","dependencies_parsed_at":"2025-04-30T15:51:54.556Z","dependency_job_id":"1a0bd65f-301c-4822-84a7-e6725e27fb99","html_url":"https://github.com/torshin5ergey/roadmapsh-ssh-remote-server-setup","commit_stats":null,"previous_names":["torshin5ergey/roadmapsh-ssh-remote-server-setup"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/torshin5ergey/roadmapsh-ssh-remote-server-setup","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/torshin5ergey%2Froadmapsh-ssh-remote-server-setup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/torshin5ergey%2Froadmapsh-ssh-remote-server-setup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/torshin5ergey%2Froadmapsh-ssh-remote-server-setup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/torshin5ergey%2Froadmapsh-ssh-remote-server-setup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/torshin5ergey","download_url":"https://codeload.github.com/torshin5ergey/roadmapsh-ssh-remote-server-setup/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/torshin5ergey%2Froadmapsh-ssh-remote-server-setup/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30628362,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-17T17:32:55.572Z","status":"ssl_error","status_checked_at":"2026-03-17T17:32:38.732Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apt","fail2ban","linux","openssh-server","ssh","ubuntu"],"created_at":"2025-12-27T04:57:01.504Z","updated_at":"2026-03-17T17:34:09.985Z","avatar_url":"https://github.com/torshin5ergey.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🔐 SSH Remote Server Setup Project for roadmap.sh\n\nThis is my solution to the [SSH Remote Server Setup project](https://roadmap.sh/projects/ssh-remote-server-setup) in the [DevOps roadmap](https://roadmap.sh/devops) from [roadmap.sh](https://roadmap.sh/)\n\n**Table of Contents**\n- [Project Requirements](#project-requirements)\n- [Prerequisites](#prerequisites)\n- [SSH Remote Server Setup Guide](#ssh-remote-server-setup-guide)\n- [Some SSH configuration Best Practices](#some-ssh-configuration-best-practices)\n- [Author](#author)\n\n## Project Requirements\n\n- Register and setup a remote linux server on any provider.\n- Create two new SSH key pairs and add them to your server.\n- You should be able to connect to your server using both SSH keys.\n- *Advanced*. Setup login with alias.\n- *Advanced*. Install and configure `fail2ban` to prevent brute force attack.\n\n## Prerequisites\n\n- A remote host with OpenSSH-server installed.\n- Remote server IP address.\n\n## SSH Remote Server Setup Guide\n\n1. Generate SSH key pairs on your local machine. Use ED25519 or RSA key type\n```bash\n# -t key type\n# -b bits in the key\n# -C comment\n# -f output filename\nssh-keygen -t ed25519 -C \"comment\"\n# or\nssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_kubernetes -C \"comment\"\n```\n\n2. Copy **public** key to your remote server. Ypu need to provide username's password for this action\n```bash\n# -i identity file (public key file)\nssh-copy-id -i path/to/public/key username@hostip\n```\n\n3. *Advanced.* Add host to `~/.ssh/config` to connect with `alias`\n```bash\nHost alias\n  HostName hostip # IP od DNS from /etc/hosts\n  User username\n  Port 22 # optional SSH port (default is 22)\n  IdentityFile path/to/private/key\n```\n\n4. SSH into your remote server\n```bash\n# -i identity file (private key file)\n# -p SSH port\n\n# with username and hostname\nssh -i path/to/private/key username@hostip\n\n# with alias\nssh alias\n```\n\n5. *Advanced*. Install and Setup `fail2ban`\n\n- Install `fail2ban`\n```bash\nsudo apt update \u0026\u0026 sudo apt install fail2ban -y\n```\n- Create **custom** configuration file from default `/etc/fail2ban/jail.conf`. Setup `fail2ban` parameters only inside custom configuration files. Default `maxretry=5`, `bantime=10m`.\n```bash\nsudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.d/jail.local\n```\n- Start and enable service\n```bash\nsudo systemctl start fail2ban\nsudo systemctl enable fail2ban\n```\n- Check ban status\n```bash\nsudo fail2ban-client status sshd\n```\n\n## Some SSH configuration Best Practices\n\n`/etc/ssh/sshd_config`\n\n- Disable password based login\n```bash\nAuthenticationMethods publickey\nPubkeyAuthentication yes\n```\n- Disable login users with empty passwords\n```bash\nPermitEmptyPasswords no\n```\n- Disable root login\n```bash\nPermitRootLogin no\nChallengeResponseAuthentication no\nPasswordAuthentication no\nUsePAM no\n```\n- Allow access only from specific IPs\n```bash\nAllowUsers user@192.168.0.*\n```\n- Restart `sshd` after changing the configuration\n```bash\nsudo systemctl restart sshd\n```\n\n## Author\n\nSergey Torshin [@torshin5ergey](https://github.com/torshin5ergey)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftorshin5ergey%2Froadmapsh-ssh-remote-server-setup","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftorshin5ergey%2Froadmapsh-ssh-remote-server-setup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftorshin5ergey%2Froadmapsh-ssh-remote-server-setup/lists"}