I use my own VPS for hosting this website. Hence I get attacked on a daily basis. The last time I checked the logs I had more than 2500 attempts to break into my SSH server from around the world. These attackers are mostly opportunistic, I believe (or I hope!).
Since the number was very high, I decided to disable password auth and keep publickey auth only. It’s pretty simple.
Step 0: You already have a public/private key pair set up and configured on your SSH server and client.
Then you want to edit the sshd config file under:

    /etc/ssh/sshd_config
First make sure you enable public-key authentication or you will lock yourself out!

    PubkeyAuthentication yes
Then make sure these options are set as below:

    ChallengeResponseAuthentication no
    PasswordAuthentication no
    UsePAM no
Now reload the sshd daemon, and you’re done.

    User@Host:~$ /etc/init.d/sshd reload
You can now connect to your ssh server using your private key.
Tip: use the slash key (/) to search through text in the VI/VIM editor while editing the sshd_config file. It helps a lot with finding the lines. Add the line if it is not there already. Note: Search is case sensitive.
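A pre-reload check for the four settings above, as an added example that is not part of the original post: sshd uses the first value it finds for a keyword, so an earlier uncommented line can silently override the one you just added. The function names and the sample config are constructed for illustration, and the script assumes each option is set explicitly in the main file (`Include` files are not followed).

```shell
#!/bin/sh
# effective_value FILE KEYWORD: print the value sshd would use globally.
# Keywords are case-insensitive, the first occurrence wins, and anything
# after a "Match" line is conditional, so parsing stops there.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        { sub(/#.*/, ""); sub(/^[ \t]+/, "") }   # drop comments and indentation
        $0 == "" { next }
        { n = split($0, f, /[ \t=]+/) }
        tolower(f[1]) == "match" { exit }
        tolower(f[1]) == key && n >= 2 { print tolower(f[2]); exit }
    ' "$1"
}

# audit_sshd_config FILE: return 0 only if all four options match the post.
audit_sshd_config() {
    file=$1; rc=0
    for want in PubkeyAuthentication=yes PasswordAuthentication=no \
                ChallengeResponseAuthentication=no UsePAM=no; do
        key=${want%%=*}; expected=${want#*=}
        actual=$(effective_value "$file" "$key")
        if [ "$actual" = "$expected" ]; then
            echo "ok   $key $actual"
        else
            echo "FIX  $key is '${actual:-unset}', expected '$expected'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the early "yes" wins over the "no" added further down.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PubkeyAuthentication no
PubkeyAuthentication yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM no
PasswordAuthentication no
EOF
audit_sshd_config "$sample" || echo "Do not reload sshd yet."
rm -f "$sample"
```

Point `audit_sshd_config` at /etc/ssh/sshd_config before the reload step; running `sshd -t` as well catches syntax errors in the file.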
Thanks to this post here for the steps. I reordered them to make sure you don’t lock yourself out, and to make the steps much simpler.