By Konstantinos Patronas

Linux: disable ssh password login for specific users only

Recently i had the following scenario: we needed a local user which can

Linux: disable ssh password login for specific users only
Photo by Christin Hume on Unsplash

Recently i had the following scenario: we needed a local user which can

  • ssh / scp to a host
  • use ssh keys
  • dont allow password login for ssh

Procedure

User creation

# useradd user1

Added a password

# passwd user1

Set password expire to never

# chage -I -1 -m 0 -M 99999 -E -1 user1

Edit /etc/ssh/sshd_config and add to the end of the file

Match User user1 
       PasswordAuthentication no

Restart sshd for changes to take place

# systemctl restart sshd

Create keys with ssh-keygen

$ ssh-keygen

Then copy contents of id_rsa.pub to .ssh/authorized_keys of the host with user “user1”