How do I disable access to my server via a root password?

March 16, 2016 10.3k views
Security DigitalOcean Networking Apache


I setup my droplet on my iMac and I used a ssh key to access the server. I then created a separate ssh key for my laptop, but when I tried to access the server with the new key, it asked me for the root users password. Why is this? How do I disable password access to my server? I don't even want a password for the root is this possible?

3 Answers

That setting is controlled by the PasswordAuthentication directive in /etc/ssh/sshd_config setting this to "no" will disable password authentication on ssh. If you are being prompted on your second computer for a password I would double-check your configuration and make sure you can log in with your new key before turning off password authentication. SSH will attempt key based authentication before prompting for a password.

Don't forget to restart ssh! I had to use command:
sudo systemctl restart ssh

Have another answer? Share your knowledge.