Disable Password Authentication on Server

When password-based authentication is active, your server is still exposed to brute-force attacks. We want to disable password authentication on servers where we use SSH access to the console.

Before completing the steps in this section, make sure that you either have SSH key-based authentication configured for the root account on the server, or preferably, that you have SSH key-based authentication configured for an account on the server with sudo access.

This step will lock down password-based logins, so ensuring that you will still be able to get administrative access is essential.

Once the above conditions are true, log into your remote server with SSH keys, either as root or with an account with sudo privileges. Open the SSH daemon’s configuration file:

/etc/ssh/sshd_config

Inside the file, search for a directive called PasswordAuthentication. This may be commented out. Uncomment the line and set the value to “no”. This will disable your ability to log in through SSH using account passwords:

PasswordAuthentication no

Save and close the file when you are finished. To actually implement the changes we just made, you must restart the service.

service ssh restart

After completing this step, you’ve successfully transitioned your SSH daemon to only respond to SSH keys.
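
A check for the edit described above, as an added example that is not part of the original article: sshd uses the first value it reads for a keyword and falls back to "yes" when PasswordAuthentication is absent or commented out, so a later or commented line does not mean what it appears to. The function name effective_password_auth and the sample files are constructed for illustration; the parser assumes whitespace-separated keyword and value and does not follow Include lines.

```shell
#!/bin/sh
# Added example: report the global PasswordAuthentication value that an
# sshd_config-style file yields. Hypothetical helper, not an OpenSSH tool.
effective_password_auth() {
    awk '
        BEGIN { value = "yes" }                    # sshd default when unset
        NF == 0 || $1 ~ /^#/ { next }              # skip blank and comment lines
        tolower($1) == "match" { exit }            # global section ends at first Match
        tolower($1) == "passwordauthentication" {  # keywords are case-insensitive
            value = tolower($2); exit              # first occurrence wins
        }
        END { print value }
    ' "$1"
}

# Constructed sample configs (not taken from a real server).
tmp=$(mktemp -d)
# Directive still commented out: the default applies.
printf '%s\n' '#PasswordAuthentication no' 'Port 22' > "$tmp/commented"
# Uncommented "no" first; a later "yes" is ignored by sshd.
printf '%s\n' 'passwordauthentication no' 'PasswordAuthentication yes' > "$tmp/disabled"
# Only set inside a Match block: the global value is unchanged.
printf '%s\n' 'Match User deploy' '    PasswordAuthentication no' > "$tmp/match_only"

for f in commented disabled match_only; do
    printf '%-12s PasswordAuthentication %s\n' "$f" \
        "$(effective_password_auth "$tmp/$f")"
done
```

On the server itself, running sshd -t before the restart catches syntax errors in the edited file, and sshd -T prints the configuration sshd will actually use, including anything brought in by Include.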