System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Disable SSH password authentication?

 
Highlighted
New Member

Disable SSH password authentication?

I have successfully configured SSH public key authentication on my iLO subsystem, and I would now like to disable SSH password authentication (so that public key authentication is the only acceptable authentication method). I've been unable to find instructions to do this anywhere in the documentation / online searches / forums.

Is this possible? Thanks in advance!

I am running iLO firmware version 1.82
3 REPLIES 3
Highlighted
Super Advisor

Re: Disable SSH password authentication?

Fred,

Once you have the public key then follow the instructions:

cat id_rsa.pub >> authorized_keys
# chmod 600 authorized_keys

Then copy the authorized_keys of one node to another to the authorized_keys file and test the ssh to each other as the user you are working on and it should work without prompting for the password.

Hope this helps!
Highlighted
New Member

Re: Disable SSH password authentication?

Thank you for your response, Pratibha; however, I do not think it is what I am looking for.

I want to make it impossible for anyone to use password authentication.

For example, in an OpenSSH configuration file (on my Linux boxes) there is a setting called "PasswordAuthentication" , which I set to "no". I haven't seen any similar setting for iLO's SSH daemon.

I do see that you've provided UNIX commands, seemingly to be run in iLO SSH? Is there any way to escape from the iLO CLI and use real UNIX commands? This way I could edit the configuration file of the SSH daemon directly...
Highlighted
Honored Contributor

Re: Disable SSH password authentication?

As far as I know, there is no way to disable SSH password authentication in iLO.

However, you could achieve much the same effect by setting the iLO account password to a very long and complex string, and then forgetting it (i.e. intentionally "losing" the password, after making sure it's as hard to guess as possible).

MK
MK