← ServerPilot Docs
How to Disable SSH Password Authentication
As long as you use strong
passwords, it is not necessary to disable SSH password authentication
for your server; however, you can disable it if you would like.
Before you proceed, keep these things in mind:
- Disabling password authentication makes it more likely for you to be
locked out of your server.
- You can become locked out if you lose your private key or break your
~/.authorized_keys file.
- If you are locked out, you will no longer be able to access the files
of any apps.
You should only disable SSH password
authentication if you are extremely familiar with public key
authentication and understand the potential consequences of locking
yourself out of your server.
To disable SSH password authentication, SSH in to your server as
root to edit this file:
/etc/ssh/sshd_config
Then, change the line
PasswordAuthentication yes
to
PasswordAuthentication no
After making that change, restart the SSH service by running the following
command as root:
sudo service ssh restart