LinuxQuestions.org - SSH allow public keys only

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - SSH allow public keys only (https://www.linuxquestions.org/questions/linux-security-4/ssh-allow-public-keys-only-502675/)

GATTACA

11-17-2006 10:12 PM

SSH allow public keys only

Hello.

Is there a way to configure the SSH deamon to _only_ accept connetions via public keys? Meaning that if someone tries to SSH into a linux box and their computer doesn't have a valid key then they won't even get a login prompt?

I've not had any luck searching the forums for this one, and the sshd_config man page hasn't helped.

Thanks.

randyding

11-17-2006 10:18 PM

This is from man sshd_config
PasswordAuthentication
Specifies whether password authentication is allowed. The default is "yes".

kaixa

11-18-2006 07:25 AM

well, i think what you need is SSH with Protocol 2...

chort

11-18-2006 12:18 PM

You need at least:

Code:

PasswordAuthentication no

UsePAM no

and possibly

Code:

ChallengeResponseAuthentication no

Your PAM configuration might allow password authentication even if you have it turned off with PasswordAuthentication no.

PS you should always turn off SSHv1:

Code:

Protocol 2

GATTACA

11-18-2006 02:34 PM

Thanks chort. Your suggestions worked!

Now only users with a key are allowed to get in.

Thanks!

All times are GMT -5. The time now is 08:35 AM.