Assuming you are logged into the remote machine with sudo privledges
sudo useradd sol
sudo usermod -aG sudo sol
Next verify that the sol user has sudo privledges:
sudo ls /root/
Create an ssh keypair on your local machine (not on the remote server)
ssh-keygen -t ed25519
Copy the contents of $HOME/.ssh/id_ed25519.pub
then ssh to the remote machine
su - sol
mkdir ~/.ssh
touch ~/.ssh/authorized_keys
- Paste the contents of
$HOME/.ssh/id_ed25519.pub
into~/.ssh/authorized_keys
on the remote machine
Now verify that you can ssh to the remote machine using the sol user
ssh sol@remote-host
Verify that you have the correct public key in /home/sol/.ssh/authorized_keys
If you have multiple keys on your localhost, you may have to specify the ssh keypai to use
ssh -i $HOME/.ssh/id_ed25519.pub sol@remote-host
Your local .ssh/config
may be causing issues. To use ssh without the config, do the following:
ssh -F /dev/null sol@remote-host
WARNING These changes could disable remote access if done incorrectly. Be sure that the sol user can login remotely before proceeding.
Edit /etc/ssh/sshd_config
or add /etc/ssh/sshd_config.d/disable_root.conf
. In order for the disbale_root.conf
file to work, you must have a line in /etc/ssh/sshd_config
that includes the file. It may look like this: Include /etc/ssh/sshd_config.d/*.conf
In either file, add the following lines:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no
Then reload the ssh daemon
sudo systemctl reload ssh
Lastly, install fail2ban to mitigate repeated malicious login attempts
sudo apt update
sudo apt install fail2ban
Remote root access should now be disabled
ssh root@remote-host
should fail
Remote sol user access should succeed
ssh sol@remote-host
Check access logs using journelctl
journelctl -u ssh –since -1h
journelctl -u ssh –since -2d