・keypair作成(client)
$ssh-keygen -t rsa -b 4096
$ mkdir ~/.ssh
$ chmod -R 700 ~/.ssh
$ vi ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
・sshd_config設定
$ sudo vi /etc/ssh/sshd_config
Port 49152 #デフォルト:#Port 22
PermitRootLogin no #デフォルト:PermitRootLogin yes
PubkeyAuthentication yes #デフォルト:#PubkeyAuthentication yes
PasswordAuthentication no #デフォルト:PasswordAuthentication yes
・firewalld穴空け
$ sudo firewall-cmd --add-port=49152/tcp --permanent
$ sudo firewall-cmd --reload
$ sudo firewall-cmd --list-port
22/tcp
・service再起動
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
・
$ sudo dnf install -y policycoreutils-python-utils
$ sudo semanage port --add --type ssh_port_t --proto tcp 49152
$ sudo semanage port --list | grep ssh
ssh_port_t tcp 49152, 22
$ sudo systemctl restart sshd
$ sudo systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat yyyy-MM-dd hhss JST; ●h ●min ago