As long as you use strong passwords, it is not necessary to disable SSH password authentication for your server; however, you can disable it if you would like.

Before you proceed, keep these things in mind:

  • Disabling password authentication makes it more likely for you to be locked out of your server.
  • You can become locked out if you lose your private key or break your ~/.authorized_keys file.
  • If you are locked out, you will no longer be able to access the files of any apps.

You should only disable SSH password authentication if you are extremely familiar with public key authentication and understand the potential consequences of locking yourself out of your server.


To disable SSH password authentication, SSH in to your server as root to edit this file:

/etc/ssh/sshd_config

Then, change the line

PasswordAuthentication yes

to

PasswordAuthentication no

After making that change, restart the SSH service by running the following command as root:

sudo service ssh restart
Alert: For Control Panel Help & Tutorials, click here: Panel Tutorials
Je li Vam ovaj odgovor pomogao? 0 Korisnici koji smatraju članak korisnim (0 Glasovi)

Najpopularnije

How to Block Brute Force Attacks in WordPress

A brute force attack on WordPress occurs when an attacker attempts to log in to WordPress by...
How to Block IPs with CloudFlare

If you use CloudFlare for your site, you can change your settings to block visitors by IP range....
How to Check WordPress Plugins and Themes for Vulnerabilities

Vulnerable plugins and themes are the leading causes of WordPress compromises. To ensure the...
How to Configure Protect in WordPress

Protect is a key part of WordPress's Jetpack plugin that helps block brute force attacks against...
How to Create a Strong Password

The strength of your password is one of the most important factors in determining the ability of...