This is enabled in the default Arch AMI and hasn't been disabled by us.
Injecting an sshd_config will do the trick.
PermitRootLogin no
Probably also a good idea to double check password auth is disabled, maybe move off the default port of 22, and if this is running on a publicly-accessible box use something like fail2ban?
This is enabled in the default Arch AMI and hasn't been disabled by us.
Injecting an
sshd_configwill do the trick.Probably also a good idea to double check password auth is disabled, maybe move off the default port of 22, and if this is running on a publicly-accessible box use something like fail2ban?