Run the following command to back-up the sshd_config file before you modify it:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
Run the following command to open the sshd_config file with vi:
sudo vi /etc/ssh/sshd_config
Press the Shift and G keys at the same time to go the bottom of the file.
Press the i key to switch to insert mode.
Make sure the following options, at the bottom of the file, are set as follows:
**PermitRootLogin no
MaxAuthTries 3
LoginGraceTime 20**
Press Esc to exit insert mode.
Press the forward-slash (/) key to find text in the file.
Find each of the below options in the file, one at a time. If they begin with a hash symbol (#), then you'll need to remove the hash symbol in order to un-comment them. Then make sure each of the options are set to no.
**PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
KerberosAuthentication no
GSSAPIAuthentication no
X11Forwarding no
PermitUserEnvironment no
AllowAgentForwarding no
AllowTcpForwarding no
PermitTunnel no**
Press Esc, then press the colon key (:), then type wq and then press Enter to save and close the file.
Run the following command to test the sshd configuration:
sudo sshd -t
If you are simply returned to the command-line, after running this command, then this means that there were no configuration errors.
Run the below command to reload the sshd service:
sudo service sshd reload
Run the below command to disable iptables-persistent. If prompted to continue, then press Y to proceed.
sudo apt remove iptables-persistent
Run the following command to stop the iptables service:
sudo systemctl stop iptables
Run the following command to reload systemd manager configuration:
sudo systemctl daemon-reload
Run the below command to remove the unused packages. Press Y when prompted, asking if you want to continue.
sudo apt autoremove
Run the following command to update the package index:
sudo apt update