Check for SSH password authentication

11/11/2022 - Ted

SSH password authentication is an easy way to get into SSH, but it's also easy for hackers to try to brute force the passwords. Use a password encrypted pub/private keys only and the hacker are given an insurmountable task.

To check a remote SSH server has password authentication available of not, use this quick check:

ssh -v -n \
  -o Batchmode=yes \
  -o StrictHostKeyChecking=no \
  -o UserKnownHostsFile=/dev/null \
  DOES_NOT_EXIST@server.hostname 2>&1 | grep password

SSH password authentication enabled

debug1: Authentications that can continue: publickey,password
debug1: Authentications that can continue: publickey,password
debug1: Authentications that can continue: publickey,password
debug1: Authentications that can continue: publickey,password
Permission denied (publickey,password).

SSH passwords disabled

(no output)

Neuron Tags

Check for SSH password authentication

Tags:

Search form

Neuron Tags

User login

Check for SSH password authentication

Tags: