Question

1

is it possible to ssh into ubuntu server with keys and from another computer using password?

rated 0 times [ 1] [ 0] / answers: 1 / hits: 1234 / 3 Years ago, sun, may 16, 2021, 2:57:57

I have ubuntu server at home, and I use SSH keys to log in via terminal from my laptop. Rarely, but mostly from work, I need to access this server, but I dont want to copy keys on my work laptop - Id rather just use plain password for that.

So if I enable password log in from ssh config file, it will ask me password on my laptop too even though it contains keys, right?

Is there a way to stop this behavior?

Thanks.

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

cupwire

Add To Favorites

Follow

Total Points: 365

Total Questions: 126

Total Answers: 125

Location: Malaysia

Member since Thu, Feb 16, 2023

1 Year ago

cupwire questions

1 WPA2 wifi refuses to connect after upgrade to 22.04

Wed, Feb 1, 23, 14:35, 1 Year ago

1 Opening a spreadsheet at startup on LibreOffice in Ubuntu studio 21.04

Fri, Oct 22, 21, 09:14, 3 Years ago

1 What's the difference between dash and dock?

Fri, Jan 20, 23, 07:19, 1 Year ago

1 Network Configuration Gone - Unable to Reset or Apply Netplan

Mon, Sep 13, 21, 20:42, 3 Years ago

1 How to recursively list only hidden files from a terminal

Fri, Jul 8, 22, 16:11, 2 Years ago

View All

answered 3 Years ago nguai · Accepted Answer

It is possible to force your laptop to use the keyfile even if both the password and keybased approach are available. If you're currently connecting with ssh [email protected] -p 22, edit ~/.ssh/config and add:

Host your.host.tld

    PreferredAuthentications publickey

This configuration file can be used to make you type even less:

Host home

    Hostname your.host.tld

    User user

    PreferredAuthentications publickey

    Port 22

With that configuration, you just need ssh home.

It's possible to restrict password-based logins to a certain IP address. In /etc/ssh/sshd_config, you'd have a line that disabled password-based auth: PasswordAuthentication no. To enable it for logins from a certain IP, you could use:

Match Address 12.34.56.78

    PasswordAuthentication yes

I suggest you to use keybased auth even if on work. It's much safer than password-based auth as it cannot be bruteforced that easily. You can have multiple keys for the same account, that should not be an issue.

For more fancy configuration directives, see the manual page of ssh_config(5). (for the server side, see sshd_config(5))