root password login only from control panel

Question

Hi,

I know that the best way is to have ssh key authentication but the problem is that sometimes we lose the keys and then the only way is to have root access again to generate new keys etc.
Is it possible to disable any root/user password login from remote but only allow it from the control panel?

Thanks,

Answer 1

jcolyer February 24, 2016

What you can do is have the root user only authenticate using SSH keys. Since the SSH settings do not impact the Web Console, you can even disable the root user and still be able to use the DigitalOcean Web Console to login to your droplet in case something were to happen to your keys.

To make it so only SSH keys authenticate, have your /etc/ssh/sshd_config file have this line in it:

PasswordAuthentication no

To disable the root user completely, have your /etc/ssh/sshd_config file have this line in it:

PermitRootLogin no

Remember to have these changes take effect, you need to restart your SSH service.

Hope it helps,
Jason Colyer
DigitalOcean Platform Support Lead

Reply Report

Related

Question

root password login only from control panel

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

root password login only from control panel

Related

Leave a comment

Related

question

Why are snapshots so slow

question

my site i down please see http://www.cheri3a.com/

question

Can you clone your instance

question

Why is my droplet stuck at "creating"? it has been hours now :(

Looking for something else?