How to enable or disable SSH password authentication
Username and password combination is the most popular authentication method to SSH server and is normally enabled by default. Username and password authentication is also the most familiar method as it's widely used everywhere else.
PasswordAuthentication
Specifies whether password authentication is allowed. The default is yes.
Some administrators consider password login to be insecure due to improper password management by the users. As such, they might disable password authentication on your SSH servers and force users to authenticate using other methods such as the public key.
You can enable or disable password authentication by configuring the PasswordAuthentication directive in your SSH server.
Steps to enable or disable password login in SSH:
- Launch your preferred terminal application.
- Open sshd configuration file using favourite text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
- Search for PasswordAuthentication and set the option to no to disable PasswordAuthentication method and yes to enable.
PasswordAuthentication no
Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.
Set it to yes to allow password authentication method and no to disallow.Make sure another authentication method is enabled and tested before disabling the password authentication method.
- Reload or restart SSH server service to activate the changes.
$ sudo systemctl restart sshd
Mohd Shakir Zakaria is a cloud architect by trade but always retains sight of his true passions: development, entrepreneurship, and open-source advocacy. As the founder of Simplified Guide, he combines these interests to help others easily navigate the world of computing.
Comment anonymously. Login not required.
