1,381
edits
Changes
no edit summary
The basic process is the same:
<pre class="code-pre "><code>ssh <span class="highlight">username</span>@<span class="highlight">remote_host</span></code></pre>
If this is your first time connecting to this host (if you used the last method above), you may see something like this:
<pre class="code-pre "><code>The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes
This just means that your local computer does not recognize the remote host. Type "yes" and then press ENTER to continue.
If successful, continue on to find out how to lock down the server.
==Disabling Password Authentication on your Server==
Once the above conditions are true, log into your remote server with SSH keys, either as root or with an account with <code>sudo</code> privileges. Open the SSH daemon's configuration file:
Inside the file, search for a directive called <code>PasswordAuthentication</code>. This may be commented out. Uncomment the line and set the value to "no". This will disable your ability to log in through SSH using account passwords:
Save and close the file when you are finished. To actually implement the changes we just made, you must restart the service.
On Ubuntu or Debian machines, you can issue this command:
On CentOS/Fedora machines, the daemon is called <code>sshd</code>:
After completing this step, you've successfully transitioned your SSH daemon to only respond to SSH keys.
[https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys More Information]
[[Category:SSH]]