Skip to main content

Enable/Disable password-based authentication

This article will provide you with the steps to enable/disable password-based authentication while logging in to your server through SSH encryption keys. A password authentication against SSH isn’t bad but creating a long and complicated password may also encourage you to store it an unsecured manner. Using encryption keys to authenticate SSH connection is a more secure alternative.

Enable Password Authentication

Before enabling password-based authentication, make sure that you already have the password. If you want to change it before enabling password-based authentication, log in as root user and then run the following command in the terminal

passwd

You will be prompted to enter the new password. Enter your new password and finish the setup process.

After logging into your server as root user, open the sshd_config file in editing mode. You can do this by running the following command in the terminal. We will use vim editor for this article. Press I to edit the file

vim /etc/ssh/sshd_config

Look for the line PasswordAuthentication no and replace no with yes.

PasswordAuthentication yes

Press ESC key and save the changes to the file and exit the editor by typing: wq! and then hit Enter.

Now restart the server by running the following command.

service sshd restart

Password authentication is now enabled for SSH access to your server.

Disable Password Authentication

This step will explain you with the steps of disabling a password-based authentication while logging in to your server through SSH. Before disabling password-based authentication, please make sure that you have copied your public key into the server and your private key matches with the public key. If you lose your private key and disable password authentication then your server will become inaccessible.

From your server open the sshd_config file in editing mode. You can do this by running the following command in the terminal. We will use vim editor for this article. Press I to edit the file

vim /etc/ssh/sshd_config

Look for the line PasswordAuthentication yes and replace yes with no.

PasswordAuthentication no

Press ESC key and save the changes to the file and exit the editor by typing: wq! and then hit Enter.

Now restart the server by running the following command.

service sshd restart

Password authentication is now removed from SSH access to your server.