how to disable SSH login with password for some users?

Solution 1:

Try Match in sshd_config:

Match User user1,user2,user3,user4
    PasswordAuthentication no

Or by group:

Match Group users
    PasswordAuthentication no

Or, as mentioned in the comment, by negation:

Match User !root
    PasswordAuthentication no

Note that match is effective "until either another Match line or the end of the file." (the indentation isn't significant)

Solution 2:

Match in sshd_config works well. You should use Match all to end the match block if you're using openssh 6.5p1 or above. Example:

PasswordAuthentication no
Match User root
PasswordAuthentication yes
Match all

Solution 3:

There are a few ways that you can do this - first, you could concievably run a second sshd daemon on a different port with different config - its a bit of a hack, but with some chroot work it should work just fine.

Also, you could allow password authentication, but lock the passwords for all but the one user. The users with locked passwords will still be able to authenticate with public keys.

how to disable SSH login with password for some users?

Solution 1:

Solution 2:

Solution 3:

Tags:

Linux

Ssh

Login

Password

Related

Recent Posts