GCP Compute Engine SSH Hardening Guide

Harden SSH on your GCP Compute Engine server: disable password authentication, restrict to key-based login, change the default port, and configure fail2ban.