Arch Linux

heidegger

Member

Registered: 2013-04-24

Posts: 100

[SOLVED] SSH not honoring changes in ssh_config or drop-in [VM/Vultr]

This is my first attempt using an off-site VM and a prebuilt Arch Image.
The system seems to be setup similar to how I would set it up locally.
So I'm very confused why my changes to SSH aren't being honored.

I've created a limited user with sudo privileges and have SSH keys working for both root and my user.
However all SSH limitations I am trying to add are being ignored.

I've tried adding to a drop-in file /etc/ssh/ssh_config.d/20-force_publickey_auth.conf:

PasswordAuthentication no
AuthenticationMethods publickey

I've tried adding to a drop-in file /etc/ssh/ssh_config.d/21-deny_root.conf:

PermitRootLogin no

I've tried reloading sshd.service and restarting the VM.
I've tried adding the above changes directly to ssh_config.conf.
I've been referencing the Arch Wiki but I've run out of ideas.

I'm clearly missing some key factor and I'm guessing it's related to the way ssh is initially set up by Vultr.
Either that or I've just glossed over an important step.

Since this is facing the WAN I'm already getting many failed ssh attempts from the baddies and need to get this locked down.

Thanks!
H

EDIT:
Note that I have also tried commenting out the drop-in files as well as adding

AllowUsers my_username

to ssh_config.

I've also been referencing Vultr's arch security reccomendations here: https://docs.vultr.com/how-to-secure-ssh-on-arch-linux

Last edited by heidegger (2025-02-23 23:14:43)

astralc

Member

Registered: 2022-09-17

Posts: 108

Re: [SOLVED] SSH not honoring changes in ssh_config or drop-in [VM/Vultr]

I think you are confused between ssh_config and sshd_config. I you are the server it is sshd_config.

heidegger

Member

Registered: 2013-04-24

Posts: 100

Re: [SOLVED] SSH not honoring changes in ssh_config or drop-in [VM/Vultr]

Yes, that is exactly my problem.
Thank you for the second set of eyes.

Problem in chair.