7

I'm only allowing pubkey auth via ssh. How can I still log in with password?

view full story
linux-howto

http://unix.stackexchange.com – vi /etc/ssh/sshd_config egrep -i 'Pubkey|Password|Listen' /etc/ssh/sshd_config | grep -v '^#' ListenAddress 0.0.0.0 PermitRootLogin without-password PubkeyAuthentication yes PasswordAuthentication no on an OpenBSD 5.1 server. But I can still login with FileZilla, and FileZilla only knows my password AFAIK (or not?). How can I restrict any ssh/scp/sftp access to only accept key auth? UPDATE: clinet side is a Scientific Linux 6.3, afaik the key is not cached. (HowTos)

Danial's picture
Submitted by Danial on 01/17/2013 – Made popular on 01/17/2013

Stories similar to I'm only allowing pubkey auth via ssh. How can I still log in with password?

When I create a new user account I ask users to send me a public key, and want to force users to set the password the first time they log in with keypair authentication.

I have faced some serious hacking attempts, and I always wondered that password alone won't save me from these attackers out there. For those of you who think that you have a pretty safe password, there is always a chance that a brute force attack from some dedicated server(s) can break it. A good password is a decent start, but its definitely not the end.

What am I missing? I change the root password on a unix machine, then try to log in with that password. PasswordAuthentication is set to yes in sshd_config and the sshd daemon has been restarted.

We have a test server that does allow challenge-response authentication. I don't want to disable that, but when I create a new user account I ask users to send me a public key, and want to force users to set the password the first time they log in with keypair authentication.

Here are the steps I did on my local computer:

ssh-keygen -t rsa cat ~/.ssh/id_rsa | ssh root@remotehost.com -p 1234 "cat > ~/.ssh/authorized_keys"

When I do a ssh root@remotehost.com -p 1234 it still asks for the password :o

root@remotehost.com's password:

Why is it so? I already added it to the authorized keys but it still asks for the password.

I'm migrating my file server from Fedora 9 to Fedora 11 (clean install), and I'm having a horrendous time trying to get key based SSH logins working. I've set it up before, and I can't figure out why it won't work now. I copied my public key into ~/.ssh/authorized_keys2 and set the folder permissions for 700 and the file permissions for 600. Then I restarted sshd.

SSH Key authentication 1 year 36 weeks ago

I can't setup SSH key authentication to login without entering a password, and just using the private key.

I recently decided to change my (very) strong user password to something trivial.

This was mostly to eliminate frustration with typing a long password each time I sudo or whatever.

My question is, is there any reason to have a strong user password?

Hello Everybody

I come to you with a quite strange problem. Some weeks ago, I set up an SSH-Server on my Synology NAS and configured it so that only publickey authentication was allowed. Everything worked fine, but one fine day, I wasn't able anymore to connect to the server with publickey auth.