Linux is an operating system that offers a wide range of features and capabilities and is known for its security and stability. One of the key security measures in Linux is the use of passwords to authenticate users. However, in some cases, password authentication may not be desired or necessary, especially in situations where other authentication mechanisms are in place.
In this article, we will discuss how to disable password authentication in Linux.
Disabling password login
The first step in disabling password authentication in Linux is to switch to the root user. This is necessary because only the root user has the necessary permissions to make changes to the system configuration.
-
To switch to the root user, open a terminal window and type the following command.
sudo suThis will prompt you for your password. Enter the password for the user account that has sudo privileges. Once you have entered the password, you will be switched to the root user. -
The next step is to edit the SSH configuration file to disable password authentication.
vi /etc/ssh/sshd_config -
Look for the following line in the file.
#PasswordAuthentication yesUncomment the line by removing the '#' and replacing yes with no.PasswordAuthentication no -
restart the SSH service to apply the changes.
systemctl restart sshd
Enabling ssh key authentication
SSH keys are a more secure way of authenticating users than passwords, as they are not susceptible to attacks such as brute-force attacks or password-guessing attacks.
-
To generate an SSH key pair, you can use the ssh-keygen command.
ssh-keygen -t rsa -
Once you have generated the key pair, you can copy the public key to the server. You can do this by using the ssh-copy-id command.
ssh-copy-id root@207.199.149.75Replacing "root" with your username and "207.199.149.75" with your server IP address -
Once the public key was copied, you can connect to your server without a password by running the following command (replace username and password for yours).
ssh root@207.199.149.75