Disabling the ability to log in to your Pi via SSH using a password can be a useful security enhancement. If someone is attempting to guess or brute-force their way into your Pi via SSH, disabling the password route will massively increase their chances of failure.
Obviously you should only disable the ability to log in using a password when you have successfully configured SSH keys. For that reason I would complete the steps below using an SSH connection that uses SSH keys. That ensures you have a method to connect to your Pi once the password route has been closed.
Note: This procedure does not prevent logging into your Raspberry Pi desktop if you are using Raspberry Pi OS with the desktop environment. It only affects connections made to your Pi via SSH.
Setup SSH Keys
If you don’t already have SSH keys set up then you can follow my “Setting Up SSH Keys on the Raspberry Pi” blog post.
Disable SSH Password Login
Now that you’ve checked you can access your Pi via SSH using keys, let’s get started.
Edit the SSH config file:
sudo nano /etc/ssh/sshd_config
Find the entry for “PasswordAuthentication”. You may have to scroll down the available items. It is likely to be disabled with a leading # character and set to “yes”. Remove the # character and change “yes” to “no”.
You should then have a line that states:
PasswordAuthentication no
Save the changes and exit the text editor by using [CTRL-X], [Y] and [ENTER].
Activate Changes
For the changes to take effect you either need to restart the SSH service using:
sudo /etc/init.d/ssh restart
or reboot the Pi using:
sudo reboot
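The following script is an added example, not part of the original post: it reads an sshd_config-style file and reports the PasswordAuthentication value that actually applies, because sshd keeps the first value it reads for a keyword and ignores commented lines. The function names and the sample file are constructed for illustration, and the script assumes whitespace-separated keywords and does not follow Include lines.

```shell
#!/bin/sh
# Added example (not from the original post).
# Print the global PasswordAuthentication value sshd would take from one file.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and lines starting with # are ignored.
# Assumption: keyword and value are separated by whitespace; Include is not followed.
password_auth_setting() {
    awk '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }  # skip comments and blanks
        tolower($1) == "match" { exit }                # global section ends at Match
        tolower($1) == "passwordauthentication" {
            print tolower($2); found = 1; exit         # first value wins
        }
        END { if (!found) print "yes" }                # OpenSSH default when unset
    ' "$1"
}

# Succeeds only when password logins are disabled in the given file.
password_login_disabled() {
    [ "$(password_auth_setting "$1")" = "no" ]
}

# Constructed sample: the stock commented line was left alone and a new
# "no" line was appended below an earlier active "yes" line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication yes
passwordauthentication yes
PermitRootLogin no
PasswordAuthentication no
EOF

if password_login_disabled "$sample"; then
    echo "password login disabled"
else
    echo "password login still enabled: $(password_auth_setting "$sample")"
fi
rm -f "$sample"
```

On the Pi itself, `sudo sshd -t` checks the file for syntax errors before you restart the service, and `sudo sshd -T | grep -i passwordauthentication` prints the value the server will use, including anything pulled in through Include lines.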
Re-Enable SSH Password Login
To re-enable SSH password login you can repeat the process but change the PasswordAuthentication line to:
PasswordAuthentication yes
Final Thoughts
This is a really quick and easy security improvement you can make to your Pi setups. Just make sure you keep your SSH keys safe so that you are always in a position to re-configure your SSH/SFTP client if you change PC/laptop/phone.
As a memory jogger, the public key goes on the device you will access and the private key is needed by the device you are connecting from.