Disabling ssh password authentication

Brute force password guess attacks generally runs against ssh server. You can allow only known ip addresses to connect ssh port with iptables but sometimes it is not the best way; you may want to login from everywhere.

 

In order to keep connected from everywhere while protecting system itself against brute force attacks, you can disable password based authentication in ssh and still continue to connect with public key authentication (See also: Passwordless ssh setup). To do this, change or add following line in /etc/ssh/sshd_config and restart ssh server:

PasswordAuthentication no

 

 





You must be login first or sign-up for an account to post comments.

Maybe you should look at these also: