How to Disable Password Authentication and Create a Login Alert in Linux

Small tips for securing SSH logins on a server

1. Disable Password Login

Edit /etc/ssh/sshd_config and set the following

Now you can only log in via SSH keys. Generate your local keys using the command below

Copy the key to the remote server that you want to SSH into.

Then append your key to the user account's authorized_keys file on the server, i.e. /root/.ssh/authorized_keys
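One way to confirm that step 1 took effect, added here as an example and not part of the original post: a shell function that reads an sshd configuration and reports whether password-based login is still enabled. It assumes the directive meant in step 1 is PasswordAuthentication, goes slightly beyond the page by also checking KbdInteractiveAuthentication (which can still prompt for a password through PAM), and the function name ssh_password_audit is made up for this example.

```shell
#!/bin/sh
# Added example: audit an sshd configuration for password-based logins.
# Usage: ssh_password_audit FILE   (FILE may be "-" to read from stdin)
# Returns 0 when password login is off and key login is on, 1 otherwise.
ssh_password_audit() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        { k = tolower($1); v = tolower($2) }    # keywords are case-insensitive
        # Only the global section is audited; Match overrides are reported, not parsed.
        k == "match" { print "NOTE Match block found; per-user overrides not audited"; exit }
        # Older name for the same option.
        k == "challengeresponseauthentication" { k = "kbdinteractiveauthentication" }
        # sshd keeps the first value it reads, so a later line does not override it.
        !(k in first) { first[k] = v }
        END {
            bad = 0
            bad += check("passwordauthentication", "yes", "no")
            bad += check("kbdinteractiveauthentication", "yes", "no")
            if (get("pubkeyauthentication", "yes") != "yes") {
                print "WARN pubkeyauthentication is off: key login will not work"
                bad++
            }
            exit (bad > 0)
        }
        # Value seen in the file, or the sshd default when the keyword is absent.
        function get(key, def) { return (key in first) ? first[key] : def }
        function check(key, def, want,    val) {
            val = get(key, def)
            if (val == want) { print "OK   " key " " val; return 0 }
            print "FAIL " key " " val " (want " want ")"
            return 1
        }
    ' "$1"
}
```

The function does not follow Include directives, so on a live server it is more reliable to feed it the resolved configuration as root: `sshd -T | ssh_password_audit -`. Keep an existing session open while testing so a mistake does not lock you out.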

2. Random Passwords

Set all user passwords to large pseudo-random strings.
I.e., I set all users on all servers with different passwords looking like this:
20 random alpha-numeric characters (a-z, A-Z, 0-9)

See here for more passwords.
You can test the password with the brute force search space calculator with

3. Login alerts by email

Every time a user logs in to the system, you should get an email alert.
For that I do put and appended it to the end of /etc/profile

Then create a file /etc/

So you will get an email like this every time someone logs in to the server.

Tapas Mishra

Sr. Engineer (DevOps)
Loves to work on Opensource products. Having experience on Linux environment. Knowledge on Public cloud services like AWS, Rackspace, DigitalOcean, Linode. Please don't hesitate to give a comment on the posts. Your comments are my strength.