SSH server

For the server I will assume debian because its a server what else is it going to run. To mitigate brute force attacks I will focus on setting up the server with only the RSA key.

First install the ssh goodies

sudo apt install openssh-server

Then got to:

vim  /etc/ssh/sshd_config  

And change the line #PasswordAuthentication yes to PasswordAuthentication no

Change PermitRootLogin to no

Now you start the systemd service

sudo service ssh start  

Now write down the local IPv4 of the server machine

ip -c address  

Setting up the router

Go to the router local IP (it should be in the bottom of the router) and in the security tab you should find port forwarding.
In this section add a device and put the server machine IP in the server IP section, select the TCP/UDP protocol, port 22 for entrece port and you favorite number for the output port.

For the output port select a number over 80 and below 65535, avoid 222 2222 22222.

Now search whats my ip and write down that number.

SSH Client

Install the ssh client

 sudo apt install openssh-client  

Generate the ssh key

ssh-keygen  

Copy the public key to a flash drive

cp ~/.ssh/id_rsa.pub /mnt/flash/drive

Go to the server computer with the ssh key and create the ssh directory and the authorized keys file.

mkdir ~/.ssh
cat /mnt/flash/drive/id_rsa.pub >> ~/.ssh/authorized_keys

Delete the key from the flash drive

Now the thing must be up and running. To test it do:

shh -XY **username**@**server_IP** -p **choosen_port*  

And it should work!