How to enable or disable public key authentication in SSH
SSH server in most systems is by default configured to allow public-key authentication. The method will enable you to use your public and private key pair to log in to an SSH server without using a username and password.
You can disable public key authentication if your private key is compromised or for any other reason by configuring your SSH server.
Public key authentication method for SSH could be enabled or disabled by configuring PubkeyAuthentication directive in sshd_config file on the server.
Steps to enable or disable public key authentication in SSH:
-
Launch your preferred terminal application.
-
Open SSHd configuration file with your favourite text editor.
$ sudo vi /etc/ssh/sshd_config [sudo] password for user:
-
Search for PubkeyAuthentication and set the option to yes or no.
PubkeyAuthentication no
Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.
Set it to yes to allow public key authentication method and no to disallow.Make sure your other authentication method such as password is enabled before disabling public key authentication method as you might completely lose remote access to your server.
-
Reload or restart SSH server service.
$ sudo systemctl restart sshd
Guide compatibility:
| Operating System |
|---|
| Ubuntu Linux |
| Debian Linux |
| Red Hat Enterprise Linux |
| Fedora Linux |
| CentOS Linux |
| openSUSE Linux |
| SUSE Linux Enterprise Server |
| FreeBSD |
| OpenBSD |
| NetBSD |
| macOS |
