Disabling Password Authentication for Internet-Facing SSH: Security Boost or Overkill?
2025-01-18
This article weighs the pros and cons of disabling password authentication for internet-facing SSH. While strong passwords offer protection against brute-force attacks, the author argues that disabling password authentication provides extra layers of security against stolen credentials, SSH server vulnerabilities, and attacks targeting default accounts. However, this also introduces inconvenience, such as the inability to log in without a keypair. The author suggests a careful consideration of the trade-offs based on individual circumstances.