AWS Lightsail SSH Hardening Guide

Harden SSH on your AWS Lightsail server: disable password authentication, restrict to key-based login, change the default port, and configure fail2ban.