github/vim-ale
1
0
Fork 0
mirror of https://github.com/webinstall/webi-installers.git synced 2026-02-14 17:49:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fix-classifier-linux-gnu
vim-ale/sshd-prohibit-password
History

README.md

title, homepage, tagline, linux
title homepage tagline linux
SSH Prohibit Password https://webinstall.dev/sshd-prohibit-password SSH Prohibit Password: Because friends don't let friends ssh with passwords true

Files

These are the files / directories that are created and/or modified with this install:

~/.config/envman/PATH.env
~/.local/bin/sshd-prohibit-password
/etc/ssh/sshd_config

Cheat Sheet

Will check if your system This will check if your Modern SSH deployments are key-only and don't allow root login. However, there's a lot of legacy systems out there.

sshd-prohibit-password will inspect /etc/ssh/sshd_config and

  1. Enforce that PasswordAuthentication is no
  2. Enforce that PermitRootLogin is no or prohibit-password
    (or without-password, for older systems)
  3. (macOS only) Enforce that UsePAM is no

This will run automatically and uses sudo to make changes.

What's checked and changed?

- #PasswordAuthentication yes
+ PasswordAuthentication no

- #PermitRootLogin yes
+ PermitRootLogin prohibit-password

  # macOS only
- UsePAM yes
+ UsePAM no

How to restart SSH?

# Ubuntu / Debian / RedHat
sudo systemctl restart sshd

# Alpine / Gentoo
sudo rc-service sshd restart

# macOS
sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist

# others
killall sshd
Reference in New Issue View Git Blame Copy Permalink