Related

cpu from 13% to 100% in one minute Question Question
PHP Error Log: authz_core:error - For files that don't exists on my server Question Question

Question

How do I disable access to my server via a root password?

Posted March 16, 2016 20.6k views
ApacheSecurityDigitalOceanNetworking

Hi.

I setup my droplet on my iMac and I used a ssh key to access the server. I then created a separate ssh key for my laptop, but when I tried to access the server with the new key, it asked me for the root users password. Why is this? How do I disable password access to my server? I don’t even want a password for the root is this possible?

Add a comment
brewpixels
By:
brewpixels
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
ryanpq March 17, 2016

That setting is controlled by the PasswordAuthentication directive in /etc/ssh/sshd_config setting this to “no” will disable password authentication on ssh. If you are being prompted on your second computer for a password I would double-check your configuration and make sure you can log in with your new key before turning off password authentication. SSH will attempt key based authentication before prompting for a password.

Reply Report
gondwana May 15, 2017

Don’t forget to restart ssh! I had to use command:
sudo systemctl restart ssh

Reply Report
brewpixels May 14, 2018

I finally got this working. As @ryanpq said you have to set PasswordAuthentication to no. But doing this alone didn’t work for me. Every-time I tried to log into my server from my desktop without using a password, I would get the permission denied (public key) error.

To fix this I had to manually add my public key to /.ssh/authorized_keys on my server. For some reason the key I added on the settings page for my droplet was not being used.

Now when I log into my server from my desktop I have to use the public key. I can’t log into my server from my laptop because I haven’t added a key to that machine yet. This is exactly what I wanted.

Reply Report
rickseeger April 24, 2016
[deleted]
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help