How to disable ssh password login on Linux to increase security

Originally published at: https://www.cyberciti.biz/faq/how-to-disable-ssh-password-login-on-linux/

I want to disable ssh clients from accessing using the password and only allow ssh login using SSH keys. How do I disable password authentication for SSH on Linux operating systems?

set : PasswordAuthentication no

in: /etc/ssh/sshd_config

restart the ssh deamon

Why was it necessary to create a new user? Could I have just used an existing user?

Yes, you can use existing user too. Say add user tom to sudo, run:

sudo usermod -aG sudo tom

I will update the page soon. Thanks for the feedback.

Hello, I would like to try ssh login using SSH public key however I don’t want to disable password authentication for current SSH current. How can I manage to enable it only for me on a Linux operating system?

What would be the best approach for it? Thank you

Have a great day
Felix

You just upload/copy your ssh key. That is all. Rest of the users will enter password but you can login using ssh.

Hello,

I have created a public key with: ssh-keygen -b 4096 -t rsa -f rsaForPythonScript on my Linux server. I copied the entire key (from initial ssh-rsa to last character: user@ipserver) and paste on my SSH client.

Now I have the public key on both sides at this directory: /home/username/.ssh

However, I am still being prompt to enter a password when login. Am I missing something else? I want to enable password-less login only for me as a first test.

Thanks in advance for comments.

Kind regards,
Felix

Did you installed key using the ssh-copy-id command for your remote server?

ssh-copy-id -i /path/to/rsaForPythonScript.pub user@server

You need to specify rsaForPythonScript for login:

ssh -i /path/to/rsaForPythonScript.pub user@server

Add the -v to see why key is not accepted:

ssh -v -i /path/to/rsaForPythonScript.pub user@server

Linux sysadmin blog - Linux/Unix Howtos and Tutorials - Linux bash shell scripting wiki