SSH is by default configured to allow logins via both password and public key.
Specifies whether password authentication is allowed. The default is yes.
Users would choose bad passwords and might not manage their passwords properly. This could be a security risk thus you might want to disable password authentication on your
SSH servers. The alternative is to configure public key authentication for your users.
You can enable or disable password authentication by configuring
PasswordAuthentication directive for your
sshdconfiguration file using favourite text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
PasswordAuthenticationand set the option to
Add the line if it doesn't already exist and remove the
# at the beginning of the line if exists.
Make sure other authentication method is enabled and tested before disabling password authentication method.
$ sudo systemctl restart sshd
|Red Hat Enterprise Linux|
|SUSE Linux Enterprise Server|
Comment anonymously. Login not required.