How-to Disable Password Authentication on Linux

password authentication
Please follow and like us:

This how-to will explain how to disable password based authentication on Linux based systems. It is in continuation of our series on System Security. With the first one published on SSH keys based authentication. We wrote this as a lot of you sent us messages, on social media, to add tutorials on how to secure the server by disabling the password based authentication.

We recommend that the administrator should not attempt to disable password based authentication unless SSH keys are correctly setup and users can easily login using that method.

This is the second article in the series on “Systems Security”. The articles in the System Security series are listed below.

  1. How to setup SSH keys based authentication
  2. How to disable password based authentication (current article)
  3. How to setup UFW Firewall

It is a good practice that all production servers should be run with disabled username/password authentication on all servers once SSH keys are properly working. It has been proven over and over again that these are not secure and can be easily broken into. Instead it is recommended to use SSH keys based authentication.

Here are the steps that you need to follow to disable password authentication. However, as a caution, we request not to attempt the following till you have enabled SSH Keys authentication. As there is a strong chance that you will lock yourself out of the machine if you have not setup SSH keys authentication.

The following method should work on most Unix and Linux systems including MacOS X.

Edit the following file as root or sudo using vi or nano or any other editor. Here we will use vi.

This file contains ssh server configuration. We are looking for the line that contains the string PasswordAuthentication

Uncomment the string and type no infront of it.

Make sure that the server also has the following settings set properly

Now save and exit back to the shell prompt and restart the service

And that’s it.

We will be adding more how-tos on server security. Let us know what else you are interested in the comments section below.

Please follow and like us:

Techie by day, blogger by night. Love the outdoors, enjoy traveling and building new and interesting things. Follow me if you want to know something.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.