ssh

SSH change port

Add to sshd configuration

Go to the file

# nano /etc/ssh/sshd_config

and add line

Port <SSH_NEW_PORT>

Configure SELinux

# semanage port -a -t ssh_port_t -p tcp 50

Configure Firewall

# firewall-cmd --permanent --remove-service=ssh
success
# firewall-cmd --permanent --add-port=<SSH_NEW_PORT>/tcp
success
# firewall-cmd --reload

Restart sshd service

# systemctl restart sshd 
# systemctl status sshd.service

Remote access be like

# ssh -p <SSH_NEW_PORT> server@ip

SSH using keys

On your remote device follow these steps.

Generate key

$ ssh-keygen -t ed25519

By default, will be stored at /home/user/.ssh/id_ed25519

Add it to remote key (server)

$ ssh-copy-id -p <PORT> -i ~/.ssh/id_ed25519 user@remote

This will add the public key (i.e. id_ed25519.pub) to the the server file ~./.ssh/authorized_keys

Add passphrase to KeePassXC

Now, passphrase won’t be asked when KeePassXC is unlocked.

Disable ssh with password

PasswordAuthentication no

Next, restart ssh service

RHEL:

$ sudo service ssh restart

Arch:

a