How To Configure SSH Access For Key Authentication Only On Your CentOS SSH Server

This how to assumes you have SSH Keys installed on your server. If you do not you can follow either of the how to’s below:

In this tutorial we will be:

  • Changing The SSH Servers Port
  • Allowing connections only va PubkeyAuthentication.

We will begin by editing your SSH servers configuration file: /etc/ssh/sshd_config

vi /etc/ssh/sshd_config

To change the SSH Listening Port. Locate the below line:

# Port 22

Uncomment and change the 22 to some random port number you wish to use to connect to SSH via.

Port 2314

Next lets confirm the following lines are set to yes (these are normally enabled by default and may be commented out):

RSAAuthentication yes
PubkeyAuthentication yes

At this point please make sure your SSH keys are working properly. If they are not you will be unable to log back in via SSH.

Now change the below line to disable PasswordAuthentication and only allow access for ssh keys.

PasswordAuthentication yes

change this to:

PasswordAuthentication no

Now lets restart the SSH service

/etc/init.d/sshd restart

Your SSH server should now be locked down to only allow access via SSH key authentication.

Wayne Egerer

Leave a Reply