Is disabling password login for SSH the same as deleting the password for all users?

Posted by Arsham Skrenes on Server Fault See other posts from Server Fault or by Arsham Skrenes
Published on 2013-10-30T07:42:42Z Indexed on 2013/10/30 9:56 UTC
Read the original article Hit count: 177

Filed under:
|
|
|
|

I have a cloud server with only a root user. I SSH to it using RSA keys only. To make it more secure, I wanted to disable the password feature. I know that this can be done by editing the /etc/ssh/sshd_config file and changing PermitRootLogin yes to PermitRootLogin without-password. I was wondering if simply deleting the root password via passwd -d root would be the equivalent (assuming I do not create more users or new users have their passwords deleted too). Are there any security issues with one approach verses the other?

© Server Fault or respective owner

Related posts about linux

Related posts about ubuntu