SSH is by default configured to allow logins via both password and public key.
Specifies whether password authentication is allowed. The default is yes.
Users would choose bad passwords and might not manage their passwords properly. This could be a security risk thus you might want to disable password authentication on your
SSH servers. The alternative is to configure public key authentication for your users.
You can disable password authentication by disabling
PasswordAuthentication directive for your
Steps to disable password authentication in SSH:
sshdconfiguration file using favourite text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
PasswordAuthenticationand set the option to
Add the line if it doesn't already exist and remove the
# at the beginning of the line if exists.
$ sudo systemctl restart sshd
|Red Hat Enterprise Linux|
|SUSE Linux Enterprise Server|
Comment anonymously. Login not required.