[LINUX] Setting up SSH public key authentication on Sakura VPS CentOS 7.7

Install CentOS 7.7 on Sakura VPS and start from a clean state.

Update packages

yum -y update

Log in over SSH, add a user and set its password

ssh [email protected]
adduser hogehoge
passwd hogehoge

Change permissions

cd ../
chmod 700 hogehoge

Make a key on your Mac

mkdir .ssh
cd .ssh
ssh-keygen -t rsa
Enter file in which to save the key (/Users/aya/.ssh/id_rsa): hogehoge_rsa # any key file name
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

The passphrase is optional, but if you set one, do not forget it. You now have two files, "hogehoge_rsa" and "hogehoge_rsa.pub".

Send the public key to the server and install it

scp hogehoge_rsa.pub [email protected]:~
ssh [email protected]
ls
# Confirm that hogehoge_rsa.pub exists.
mkdir .ssh
chmod 700 .ssh
mv hogehoge_rsa.pub .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

Editing sshd_config

su
vi /etc/ssh/sshd_config
#Port 22
↓
Port xxxx

The port number should be 1024 or higher, preferably 49513 to 65535. This time, "49513" is used.

Disable login as root

#PermitRootLogin yes
↓
PermitRootLogin no

Public key authentication settings.

#PubkeyAuthentication yes
↓
PubkeyAuthentication yes

Disable login with password

PasswordAuthentication yes
↓
PasswordAuthentication no

Once you have made the changes up to this point, save the file.
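A check of the four edits above before sshd is restarted, as an added example that is not part of the original article: it reads an sshd_config and reports any of these settings that did not take effect, applying sshd's rule that the first occurrence of a keyword wins. The function names, the sample file and the defaults (taken from the commented lines shown above) are assumptions.

```shell
# Added example: audit the global section of an sshd_config for the settings
# changed above. A "PasswordAuthentication no" appended below a "yes" is ignored.

# effective_value FILE KEYWORD DEFAULT: print the value sshd would use.
# Assumes the "Keyword value" form (no "=" or quoting) and stops at the
# first Match block, since only global settings are audited here.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }              # keywords are case-insensitive
        /^[ \t]*#/ || NF == 0 { next }            # comments and blank lines
        tolower($1) == "match" { exit }           # global section ends here
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# audit_sshd_config FILE: print one line per finding, return the count.
# Each table row is: keyword, assumed default, value the walkthrough sets.
audit_sshd_config() {
    findings=0
    while read -r key def want; do
        got=$(effective_value "$1" "$key" "$def")
        [ "$got" = "$want" ] && continue
        echo "FAIL: $key is '$got', walkthrough sets '$want'"
        findings=$((findings + 1))
    done <<EOF
permitrootlogin yes no
pubkeyauthentication yes yes
passwordauthentication yes no
EOF
    port=$(effective_value "$1" port 22)
    if [ "$port" -lt 1024 ] 2>/dev/null; then
        echo "FAIL: port is $port, walkthrough uses 1024 or higher"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the new values were appended instead of edited in place.
sample_config() {
    printf '%s\n' '#Port 22' 'Port 49513' '#PermitRootLogin yes' \
        'PasswordAuthentication yes' '  permitrootlogin no' \
        '#PubkeyAuthentication yes' 'PasswordAuthentication no'
}

tmp=$(mktemp) && sample_config > "$tmp"
audit_sshd_config "$tmp" || echo "$? finding(s)"
rm -f "$tmp"
```

On the server, point audit_sshd_config at /etc/ssh/sshd_config; running sshd -t as root additionally checks the file for syntax errors before the restart.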

Restart sshd

systemctl restart sshd.service

Firewall settings

Change the port

vi /usr/lib/firewalld/services/ssh.xml
<port protocol="tcp" port="22"/>
Rewrite "22" to "49513".

Reload the firewall

systemctl reload firewalld.service

Check if SSH connection is possible

ssh [email protected] -i ~/.ssh/hogehoge_rsa -p 49513

SSH client configuration on the Mac side

vi ~/.ssh/config
Host ops
    Hostname xxx.xxx.xxx.xxx
    User hogehoge
    Port 49513
    IdentityFile ~/.ssh/hogehoge_rsa
    IdentitiesOnly yes

Check if you can connect

ssh ops

I referred to this article. https://qiita.com/sugasaki/items/a297f0404bd5fe0d818a
