SSH Hardening: Secure Server Configuration Against Intrusion

Port 2222
PermitRootLogin no
PasswordAuthentication no
MaxAuthTries 3
AllowUsers deploy admin

Never close your current session before verifying new settings in a second window. Test: sshd -t && systemctl reload sshd