Disable SSH Password Authentication and Use PublicKey Authentication Instead

I use my own VPS for hosting this website. Hence I get attacked on daily bases. The last time I checked the logs I had more than 2500 attempts to break into my SSH server from around the world. These attackers are mostly opportunistic I believe (or I hope!)

Since the number was very high, I decided to disable password auth and keep publickey auth only. It’s pretty simple.

Step 0: You already have public/private key set and configured in your ssh server and client.

Then you want to edit SHHd config file under:

First make sure you enable public-key authentication or you will lock yourself out!

then make sure these options are set as below:

Now reload that SHHd demon, and you’re done.

You can now connect to your ssh server using your private key.


Tip: use the dash key -> (/) to search through text in VI/VIM editor while editing the sshd_config file. It helps a lot finding the lines. Add the line if it is not there already. Note: Search is case sensitive.

Thanks to this post here for the steps, I reordered them to make sure you don’t lock yourself out, and make the steps much simpler.

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">