This is considered good practice for any linux platform that has publicly addressable interfaces...
Of course you will need to setup PKI public/private keys for any secure login. I am not suggesting that you turn off authentication entirely !
I had a VPS linux host out there untended for a while, and the hackers find it irresistible - there were 11,000+ authentication failures in the logs.
To stop password authentication by sshd, just add these entries to your /etc/sh/sshd_config file:
I had a VPS linux host out there untended for a while, and the hackers find it irresistible - there were 11,000+ authentication failures in the logs.
To stop password authentication by sshd, just add these entries to your /etc/sh/sshd_config file:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no