Ubuntu 22.04 配置禁止密码登录，只允许密钥登录

因为在配置过程中需要问题了，所以记录一下。

环境如下：

服务端	192.168.0.132 （CentOS Linux release 7.9.2009 (Core)）
客户端	192.168.0.216（Ubuntu 22.04.5 LTS）

服务端配置密钥对（使用Centos作为服务端实验）
服务端执行：

[root@localhost ~]# ssh-keygen
[root@localhost ~]# ssh-copy-id  bird@192.168.0.216
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.0.216 (192.168.0.216)' can't be established.
ECDSA key fingerprint is SHA256:l2BGywJPJak8cLLAFNb5BX1bdKBoxOrwRWNN32gemqs.
ECDSA key fingerprint is MD5:36:1b:27:32:6d:15:81:a1:46:29:92:15:c0:5b:92:c5.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
bird@192.168.0.216's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'bird@192.168.0.216'"PubkeyAuthentication
and check to make sure that only the key(s) you wanted were added.

客户端SSH配置，禁止密码登录只允许密钥登录：
配置文件路径： /etc/ssh/sshd_config

PasswordAuthentication no
PubkeyAuthentication yes

禁止密码登录，允许密钥登录。最后记得重启 sshd

最后的实验效果使用密码还是可以登录，之后在所有的配置文件中搜索 PubkeyAuthentication 参数，发现存在多个配置文件，如下：

bird@bird:/etc/ssh$ sudo grep -r PasswordAuthentication *
ssh_config:#   PasswordAuthentication yes
sshd_config:PasswordAuthentication no
sshd_config:# PasswordAuthentication.  Depending on your PAM configuration,
sshd_config:# PAM authentication, then enable this but set PasswordAuthentication
sshd_config.d/50-cloud-init.conf:PasswordAuthentication yes

分别是： ssh_config，sshd_config，sshd_config.d/50-cloud-init.conf

将sshd_config.d/50-cloud-init.conf配置文件中PasswordAuthentication yes 修改为 no，重启后密码就被禁止登录了

原文地址：https://blog.csdn.net/qq_50247813/article/details/142979891

免责声明：本站文章内容转载自网络资源，如本站内容侵犯了原著者的合法权益，可联系本站删除。更多内容请关注自学内容网（zxcms.com）！