Security

How To: Disable Password Login For SSH

In today’s article, I’m going to show you how to disable password login for SSH. Security is important and this can be a step in your securing SSH. After all, without password login enabled, you can’t have someone brute force your password!

And that right there nips in the bud why you’d want to make this change. You want to eliminate an attack vector, so you disable password login for SSH and you rely on SSH keys

NOTE: I’ve had a number of SSH articles. Feel free to scroll through them, as they cover a number of SSH options. If you don’t know what SSH is, click the links in the above two paragraphs and we’ll be on the same page. In short, it’s a tool to remotely login to systems so that you can manage them without actually being at the computer physically. It’s a widely used tool.

It goes without saying that professional admins tend to do things like secure their SSH logins, and disabling password login for SSH is a good step to take. It’s also a step we laymen can use, ’cause it’s really a very simple operation. So, that’s what this article will be about. It’s an article that tells you how to …

Disable Password Login For SSH:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Now, you’re going to need to do some file editing. For that, we’re going to use our beloved nano. So, start with this command:

sudo nano /etc/ssh/sshd_config

That will open the file with your nano editor, where you’ll look for a line that looks like this:

#PasswordAuthentication yes

And you’re going to change the ‘yes’ to no, and remove the # that means ‘ignore this line’, so that it can take effect. When you’re done, the line should look like:

PasswordAuthentication no

Now, you’ll want to save it. In nano, to save a file, you press CTRL + X, then Y, and then ENTER.

With that done, you need to restart the service. That’s easy enough, you just run the following command:

sudo systemctl restart sshd

That will restart the service and use the new settings. So, be sure you have your ducks in a row, ’cause once you restart that service you’re not gonna be able to login with a password again. You’re not going to get a redo, ’cause it restarts the service – meaning it logs you out. So, you should probably be logged in using SSH certificates before making this change. That way, you know it works.

Closure:

Huh… I am not, in fact, out of ideas for articles. I’m pretty sure I’m going to run out of ideas eventually, but there seems to always be something new to impart. I did notice that I failed to search well and we have two articles about time zones and how to find out which you’re using. Ah well… Nobody else seemed to notice, so I’ve got that going for me.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

KGIII

Retired mathematician, residing in the mountains of Maine. I may be old and wise, but I am not infallible. Please point out any errors. And, as always, thanks again for reading.

Recent Posts

Enable/Disable Your Network Interface

Today we'll cover one way to enable or disable your network interface in the Linux…

7 months ago

Check Your NIC Speed In The Terminal

Today's exercise is a nice and simple exercise where we check your NIC speed in…

7 months ago

Easily Monitor Your Wireless Connection

Have you ever wanted to easily monitor your wireless connection? Well, now you can learn…

7 months ago

Count The Files In A Directory

I think I've covered this before with the ls command but this time we'll count…

7 months ago

Get System Information With The ‘uname’ Command In Linux

Today we'll be learning about a basic Linux command that's known as 'uname' and it…

7 months ago

hardinfo Has Been Rebooted As hardinfo2

If you've used hardinfo in the past, it may interest you to know that hardinfo…

7 months ago