I'm setting up a server for backing up my desktop box remotely. I want to prevent remote password access to the server, permitting only users with private keys (AKA my desktop box) to access it. How can I block remote password access while allowing physical password access to the server?
Asked
Active
Viewed 1.9k times
2 Answers
48
Just insert the following to the sshd config on the server (/etc/ssh/sshd_config)
PasswordAuthentication no
You might need to reload the ssh service
sudo service ssh reload
That should do the trick ;)
For more options type man sshd_config in to your terminal.
pa4080
- 29,831
LasseLuttermann
- 14,617
-
1See this thread for more hints: http://ubuntu.stackexchange.com/questions/2271/how-to-harden-an-ssh-server – LasseLuttermann Aug 15 '10 at 21:51
-
1do i need to restart ssh after that? – bubakazouba Jun 22 '16 at 03:27
-
Of course, you must. – pa4080 Sep 01 '17 at 22:20
26
Just a note about SSH access to servers - you may also want to disable the root user from ssh, this way at least hackers will have to guess the username as well.
PermitRootLogin no
-
Or just lock and delete the password for the root account. (Assuming the default user has sudo access) – David Bailey Oct 06 '15 at 17:57