Ditch Passwords: Safe Ways to Access SSH

Disabling password login adds a significant layer of security to your VM because it prevents "Brute Force" attacks (where bots guess passwords endlessly).

⚠️ CRITICAL WARNING Before You Start:

Do not close your current terminal window until you have confirmed everything works. If you make a mistake and close the connection, you could be locked out of your server permanently.


Step 1: Edit the SSH Configuration File

You need to change the settings in the SSH daemon config file on your VM.

  1. Log in to your VM if you haven't already.

  2. Open the configuration file with a text editor (like nano) using root privileges:

    Bash

     sudo nano /etc/ssh/sshd_config
    

Step 2: Change the Settings

You need to find specific lines in this file and change them. Use your arrow keys to scroll down.

  1. Find: PasswordAuthentication

    • Change it to: no

    • Note: If the line has a # at the start, delete the #.

    Plaintext

     PasswordAuthentication no

  2. (Optional but Recommended) Find: ChallengeResponseAuthentication

    • Change it to: no

    Plaintext

     ChallengeResponseAuthentication no

  3. (Optional Security Boost) Find: PermitRootLogin

    • It is safer to disable direct root login or limit it to keys only.

    • Change it to: prohibit-password (or just no)

    Plaintext

     PermitRootLogin prohibit-password

  4. Save and Exit:

    • Press Ctrl+O then Enter (to save).

    • Press Ctrl+X (to exit).

Step 3: Restart the SSH Service

For the changes to take effect, you must restart the SSH service. Run this command:

Bash

sudo systemctl restart ssh

(On some older Linux versions like CentOS/RHEL, it might be sudo systemctl restart sshd.)


Step 4: The Safety Test (Do Not Skip)

Keep your current connection open. Do not type exit.

  1. Open a new terminal window on your computer (Computer 1 or 2).

  2. Try to log in to the VM:

    Bash

     ssh user@YOUR_VM_IP
    
  3. Result:

    • Success: If you log in immediately (using your key), you are safe. You can now close the original window.

    • Failure: If it says "Permission denied (publickey)" or refuses connection, go back to your original window (which is still open) and re-edit the file to set PasswordAuthentication yes again until you fix the issue.

How to verify it's really working?

If you want to be 100% sure passwords are off, try to force SSH to use a password by adding the -o PreferredAuthentications=password flag.

Bash

ssh -o PreferredAuthentications=password user@YOUR_VM_IP

It should immediately fail with: Permission denied (publickey). This means the server refused to even look at a password.
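
The client test above shows what one login attempt did. As an added example (not part of the original post), the script below works out which value sshd would actually use for the Step 2 settings from config text supplied in the order sshd reads it. The function names, the sample config and the drop-in text are constructed for illustration.

```bash
#!/usr/bin/env bash
# sshd uses the FIRST value it reads for each keyword, so a line that comes
# earlier (for example from an Include'd drop-in file) beats a later edit.

# effective_value KEYWORD_REGEX  (config text on stdin, regex in lowercase)
effective_value() {
  awk -v key="$1" '
    { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }  # trim; accept Key=value
    /^#/ || /^$/ { next }                  # skip comments and blank lines
    { k = tolower($1) }
    k == "match" { exit }                  # conditional blocks: out of scope here
    k ~ ("^(" key ")$") { print tolower($2); exit }    # first occurrence wins
  '
}

# check_setting LABEL KEYWORD_REGEX "ALLOWED VALUES" CONFIG_TEXT
check_setting() {
  local val
  val=$(printf '%s\n' "$4" | effective_value "$2")
  case " $3 " in
    *" ${val:-unset} "*) printf 'OK    %s = %s\n' "$1" "$val"; return 0 ;;
    *) printf 'WEAK  %s = %s\n' "$1" "${val:-unset}"; return 1 ;;
  esac
}

# audit_ssh_hardening CONFIG_TEXT: checks the three settings from Step 2.
audit_ssh_hardening() {
  local rc=0
  check_setting PasswordAuthentication 'passwordauthentication' 'no' "$1" || rc=1
  # Newer OpenSSH names this KbdInteractiveAuthentication; old name is an alias.
  check_setting ChallengeResponseAuthentication \
    'challengeresponseauthentication|kbdinteractiveauthentication' 'no' "$1" || rc=1
  check_setting PermitRootLogin 'permitrootlogin' 'no prohibit-password' "$1" || rc=1
  return "$rc"
}

# Constructed sample: the main file, edited as in Step 2.
MAIN_CONFIG='#PasswordAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin prohibit-password'
# Constructed drop-in that still enables passwords and is read first.
DROPIN_CONFIG='PasswordAuthentication yes'

audit_ssh_hardening "$MAIN_CONFIG" || true        # all three report OK
echo '--- with the drop-in read first ---'
audit_ssh_hardening "$DROPIN_CONFIG
$MAIN_CONFIG" || true                             # PasswordAuthentication is WEAK
```

On the VM itself, sudo sshd -T prints the configuration sshd actually resolved, and sudo sshd -t checks the file for syntax errors before the restart in Step 3.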
