February 4, 2019
February 4, 2019
The majority of people use password authentication to connect to their servers via SSH command line and do not even consider that this authentication method may not be as safe as they expected. Consider this: if any hacker manages to collect your SSH password, all of your valuable information is at risk. That is why authenticating with SSH keys is a better option.
In this tutorial you will learn how to disable password authentication for SSH on Linux VPS.
Before you begin this guide you’ll need the following:
Before we start the guide, you should note that if you do not set up another authentication method beforehand and disable password authentication right away, you will have a hard time connecting to your server.
It is very IMPORTANT to configure another way of authentication before you proceed with this guide. We recommend SSH Key authentication. This is a full tutorial on how to configure SSH Key authentication on your server: How To Set Up SSH Keys
IMPORTANT! Continue with this tutorial only after you configure your SSH Keys because you may be locked out of your own server!
Proceed with this only if you have completed Step 1 and successfully connected to your VPS using [SSH keys](https://www.hostinger.com/tutorials/ssh/how-to-set-up-ssh-keys because you may be locked out of your own server.
PasswordAuthentication yes. Nano has a search feature so you can simply search for this line by pressing CTRL + W on your keyboard, writing a search keyword
PasswordAuthenticationand clicking Enter.
service sshd restart
And that is it! SSH password authentication has been disabled. From this point no one will be able to connect to your server / VPS using SSH password. Only privileged users who have their SSH keys added to your server will be able to connect.
You have learned how to disable SSH password authentication on your server / VPS. This makes your server a lot safer because no one will be able to connect to your server via SSH using a password. Only privileged users using SSH keys or other advanced authentication methods will be able to connect.