SSH server in most systems is by default configured to allow public-key authentication. The method will enable you to use your public and private key pair to log in to an SSH server without using a username and password.

You can disable public key authentication if your private key is compromised or for any other reason by configuring your SSH server.

Public key authentication method for SSH could be enabled or disabled by configuring PubkeyAuthentication directive in sshd_config file on the server.

Steps to enable or disable public key authentication in SSH:

  1. Launch your preferred terminal application.
  2. Open SSHd configuration file with your favourite text editor.
    $ sudo vi /etc/ssh/sshd_config
    [sudo] password for user:
  3. Search for PubkeyAuthentication and set the option to yes or no.
    PubkeyAuthentication no

    Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.
    Set it to yes to allow public key authentication method and no to disallow.

    Make sure your other authentication method such as password is enabled before disabling public key authentication method as you might completely lose remote access to your server.

  4. Reload or restart SSH server service.
    $ sudo systemctl restart sshd

Guide compatibility:

Operating System
Ubuntu Linux
Debian Linux
Red Hat Enterprise Linux
Fedora Linux
CentOS Linux
openSUSE Linux
SUSE Linux Enterprise Server
FreeBSD
OpenBSD
NetBSD
macOS
Discuss the article:

Comment anonymously. Login not required.

Share!