I have a few administrative accounts that I do not want accessible via a password, only ssh keys. There are two ways to disable password authentication on a linux system:

1) Lock the password if using linux user accts, ldap, or whatever your using.
2) Tell ssh to not allow authentication with a password in your sshd_config file.

For method 1:

# passwd --lock username

Note this won’t lock the user out of the account but rather lock their password so they cannot use one.

For method 2:
Add the following lines to the end of your /etc/ssh/sshd_config file.

Match User username PasswordAuthentication no

Keep in mind that if you do this the ssh way, passwordless logon will only apply to a remote connection by the user.

Blog Logo

Mario Loria




Because gets old after a while.

Back to Overview