Menu
Disabling password authentication makes it more likely for you to be locked out of your server. You can become locked out if you lose your private key or break your ~/. authorized_keys file. If you are locked out, you will no longer be able to access the files of any apps.
In file /etc/ssh/sshd_config
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication no
Uncomment the second line, and, if needed, change yes to no.
Then run
service ssh restart
Here's a one-liner to do this automatically
sed -i -E 's/#?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
The #? is an extended regular expression that matches the line whether it's commented or not. The -E switch enables extended regexp support for sed.
Run
service ssh restart
instead of
/etc/init.d/ssh restart
This might work.
I followed these steps (for Mac).
In /etc/ssh/sshd_config change
#ChallengeResponseAuthentication yes
#PasswordAuthentication yes
to
ChallengeResponseAuthentication no
PasswordAuthentication no
Now generate the RSA key:
ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
(For me an RSA key worked. A DSA key did not work.)
A private key will be generated in ~/.ssh/id_rsa along with ~/.ssh/id_rsa.pub (public key).
Now move to the .ssh folder: cd ~/.ssh
Enter rm -rf authorized_keys (sometimes multiple keys lead to an error).
Enter vi authorized_keys
Enter :wq to save this empty file
Enter cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Restart the SSH:
sudo launchctl stop com.openssh.sshd
sudo launchctl start com.openssh.sshd
The one-liner to disable SSH password authentication:
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config && service ssh restart
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With