Close

Disable SSH by password

A project log for SSH Keys for Raspberry Pi

How to set up your raspberry pi to use SSH keys and disable password logins.

lazLaz 05/12/2015 at 21:370 Comments

The last step to help secure your RPi is to disable password authentication for SSH altogether. That means anyone without a key will not even be presented with an opportunity to log on. To do that, you'll need to SSH into your pi, which you can now do using the SSH key. To do that, you'll need to modify the SSH config file on your raspberry pi. The command to edit the file is:

sudo nano /etc/ssh/sshd_config 

"sudo" is required because the config file is owned by the root user, and the user pi doesn't have the credentials to edit it. "nano" is the program you use to edit the file. You can use your editor of choice for this action.

There is a line in the config file that is commented out:

#   PasswordAuthentication yes
To uncomment the line, delete the leading hash sign. Then change the command to no. It should look like this:
   PasswordAuthentication no

Finally, the usePAM setting should be changed to no:

UsePAM no
With that file edited, you need to save it and close it. In order for the changes to take effect, you need to restart SSH (or just reboot your Pi altogether).

Discussions