Unable to get RH9 to lock out user for period of time after 3 failed SSH login attempts. I’ve modified /etc/ssh/ssh_config by enabling UsePAM yes and adding the following content to the following files. I’ve changed the order around w no luck. Any suggestions?

I have a bastion machine for which I use the key on my local machine:

I have a bastion machine for which I use the key on my local machine:

I have a server name rs. Rs connect to srv1 and srv2 via ssh with authentication by key configured.
The pair of keys has been generated with key-gen
The same key as been transferred successfully to srv1 and srv2 with ssh-id-copy. I have check authorized_keys file.
sshd_conf is the same on both destination servers (srv1 and srv2).
When ssh “[email protected]” all is fine.
When ssh “[email protected]” i m prompt for user password.
Permission seems ok and are the same on both destination servers.
What’s wwrong ?

Machine A and C has no public IP, no SSH server.
Machine B has SSH server and public IP.

I am trying to understand the authentication flow of ssh, handshaking of client and remote server. I want to allow only specific ssh clients to ssh into the remote ssh server. To do this, I need to create a host key on the server as I know.
I used this command:

I have an ssh user which has limited access on the remote host.

I set up my VM and it worked fine on both google cloud console and my WinSCP setup.
But after a few hours, both of them showed “SSH authentication has failed.”
Troubleshooting said there is a problem with internet connection and check for VPC routes.

I just wanted gain clarity of my understanding on ssh communication. Are these keys needed only for authentication of a ssh session or they are needed also for data encryption of the session messages between a user machine and ssh server. If so, then only the response messages are encrypted (these ones which the user receive), because the ssh server holds the public key and can only encrypt data, but cannot decrypt. I.e. since the user machine holds public and private keys it can decrypt received and encrypt sent messages. But the ssh server can only encrypt, so it is supposed to receive raw messages rather than encrypted. Am I right or is there any other encryption method that covers the transfer of messages from user machine into ssh server? I guess that there is another public-private pair which is transfered automatically so that the communication is entirely encrypted.

I’m unable to ‘ssh’ from one of my client systems due to the following error below. The other client system can ‘ssh’ fine without issues. All of these Linux systems are on the same network and can be ping each other. All systems have the same user/password combination.