Disable Password Authentication

Disable Password Auth, Follow these steps….

Once you have SSH Keys configured, you can add some extra security to your server by disabling password authentication for SSH. (Note that if you do lose your private key, this will make the server inaccessible and you will need to contact your host to have this re-enabled.)

To disable this setting, you can do the following:

nano /etc/ssh/sshd_config

In this file, set the following settings to the following values. If these settings are already in the file, set them to “no” rather than add new lines.

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Once this is done, restart the SSH daemon to apply the settings.

/etc/init.d/sshd restart

Leave a Reply

You must be logged in to post a comment.