If for whatever reason you are forced to use plain-text authentication over SSH you can create a rule within the SSH daemon configuration to ensure that only the single user can perform it - while ensuring all other users are using keys.
vi /etc/ssh/sshd_config
and append the following:
Match User <username>
PasswordAuthentication yes
Reload sshd and attempt to re-authenticate.
sudo systemctl reload sshd
No comments:
Post a Comment