Passwordless SSH login
R C
cjvijf at gmail.com
Thu Feb 11 03:25:00 UTC 2021
On 2/10/21 8:19 PM, Bob wrote:
> ** Reply to message from R C <cjvijf at gmail.com> on Wed, 10 Feb 2021 17:35:40
> -0700
>
>> On 2/10/21 5:17 PM, Karl Auer wrote:
>>> On Wed, 2021-02-10 at 15:49 -0800, Bob wrote:
>>>> I have set up SSH between two computers on my LAN and am trying to
>>>> disable password login.
>>> I'm wondering if you are confusing the password on the account with the
>>> passphrase on the ssh key.
>>>
>>> Also, each time you change the sshd configuration file you need to
>>> restart the sshd server for the change to "take":
>>>
>>> systemctl restart sshd
>> I think OP is trying to do key based logins. (host based or priv/pub key
>> pair?)
> I am trying to only allow a key based login.
>
>
>> You can disable 'regular' password logins with
>> "|PasswordAuthentication no" I believe, BUT, that would only allow
>> logons from machines key based.|
> Which is what I want. I do have "PasswordAuthentication no". The
> documentation I have says that you also need "ChallengeResonpseAuthentication
> no".
>
probably not necessary to ask, but, did you restart sshd? (systemctl
restart sshd) after the changes ? and if so what does systemctl
status sshd say?
also, you can see debugging info with ssh -v uid at host.dom, or -vv or
-vvv to see what methods it is trying.
>> |(you can also make changes in the pam stack, but I'd be hesitant to do
>> that)
>> |
>>
>> |If you'd go either route, I'd allow root logins at the console, so
>> that when something gets messed up with the keys (and users (including
>> yourself) will mess up their keys), you'd still have a reasonable way in.
>> |
>>
>>
>> R
>>
>>> Regards, K.
More information about the ubuntu-users
mailing list