Assuming you are logged into the remote machine with sudo privledges
sudo useradd solsudo usermod -aG sudo sol
Next verify that the sol user has sudo privledges:
sudo ls /root/
Create an ssh keypair on your local machine (not on the remote server)
ssh-keygen -t ed25519
Copy the contents of $HOME/.ssh/id_ed25519.pub then ssh to the remote machine
su - solmkdir ~/.sshtouch ~/.ssh/authorized_keys- Paste the contents of
$HOME/.ssh/id_ed25519.pubinto~/.ssh/authorized_keyson the remote machine
Now verify that you can ssh to the remote machine using the sol user
ssh sol@remote-host
Verify that you have the correct public key in /home/sol/.ssh/authorized_keys
If you have multiple keys on your localhost, you may have to specify the ssh keypai to use
ssh -i $HOME/.ssh/id_ed25519.pub sol@remote-host
Your local .ssh/config may be causing issues. To use ssh without the config, do the following:
ssh -F /dev/null sol@remote-host
WARNING These changes could disable remote access if done incorrectly. Be sure that the sol user can login remotely before proceeding.
Edit /etc/ssh/sshd_config or add /etc/ssh/sshd_config.d/disable_root.conf. In order for the disbale_root.conf file to work, you must have a line in /etc/ssh/sshd_config that includes the file. It may look like this: Include /etc/ssh/sshd_config.d/*.conf
In either file, add the following lines:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin noThen reload the ssh daemon
sudo systemctl reload ssh
Lastly, install fail2ban to mitigate repeated malicious login attempts
sudo apt update
sudo apt install fail2ban
Remote root access should now be disabled
ssh root@remote-hostshould fail
Remote sol user access should succeed
ssh sol@remote-host
Check access logs using journelctl
journelctl -u ssh –since -1h
journelctl -u ssh –since -2d