I know of the option
PasswordAuthentication yes
inside /etc/ssh/sshd_config
. Is it possible to set this per user? My goal is to have one user with root privileges to only login with a public key, not through a password. And another user with lower privileges to login with a password, not requiring a public key.
sshd_config
includes the option Match
, which allows to start a conditional block
Match User user1
PasswordAuthentication yes
Match all
Other rules
You can add different conditional rules that way.
For instance, allow only user1, from a specific IP:
Match Address 192.168.1.20
AllowUsers user1
Once you have modified the sshd_config:
systemctl restart sshd
systemctl status sshd
And you can test your setup.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.