Sshd_config still allowing password authentication

Solution 1:

You need to do three things here:

(1) For security, set PermitRootLogin to without-password, restrict-password, or no. I normally set it to no.

(2) You're missing something else that's pretty important. You should be using PAM for authentication for things - UsePAM yes is what the default usually is; this allows you to use UNIX user login data.

(3) Also important, NORMALLY you set ChallengeResponseAuthentication to no. This protects from bypassing the without-password restriction for root logon. (The exception is if you're using libpam-duo and the Duo Security 2FA system, in which case you need ChallengeResponseAuthentication set to yes, but this isn't a typical setup.)

Once you've done that, run sudo service ssh restart to restart the SSH service with the new configuration. Attempt SSH from another window before you log out of your SSH session to make sure things are working as expected.

Solution 2:

I followed Thomas' steps but it still didn't work. Turns out I just needed to set UsePAM to no and it now disallows login without a public key.
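
Added example, not part of either answer: a check over the effective settings that `sshd -T` prints, reporting which of the options discussed in Solution 1 and Solution 2 still leave a password prompt reachable. The function names and the sample input are constructed for illustration, and it assumes a Linux build where keyboard-interactive authentication is handled by PAM.

```shell
#!/bin/sh
# Reads "keyword value" lines in the form `sshd -T` prints and reports
# every path that still accepts a password. Exit status 1 if any is open.
check_sshd_password_paths() {
    awk '
    { key = tolower($1); val = tolower($2) }
    key == "passwordauthentication"          { pw   = val }
    # ChallengeResponseAuthentication is the older name for the same switch.
    key == "kbdinteractiveauthentication"    { kbd  = val }
    key == "challengeresponseauthentication" { kbd  = val }
    key == "usepam"                          { pam  = val }
    key == "permitrootlogin"                 { root = val }
    END {
        open = 0
        if (pw == "yes") {
            print "OPEN: passwordauthentication yes"; open++
        }
        # Assumption: Linux build, where keyboard-interactive is served by PAM.
        if (kbd == "yes" && pam == "yes") {
            print "OPEN: keyboard-interactive yes with usepam yes"; open++
        }
        if (open && root == "yes") {
            print "OPEN: permitrootlogin yes, so root can use the paths above"
        }
        if (!open) print "OK: no password-based login path found"
        exit (open > 0)
    }'
}

# Constructed sample: PasswordAuthentication is off, yet a password
# prompt is still reachable through keyboard-interactive and PAM.
sample_effective_config() {
    cat <<'EOF'
passwordauthentication no
kbdinteractiveauthentication yes
usepam yes
permitrootlogin yes
pubkeyauthentication yes
EOF
}

sample_effective_config | check_sshd_password_paths || true
```

On a real host, feed it the live configuration with `sudo sshd -T | check_sshd_password_paths` after restarting the service.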