Disabling Password Login on EdgeMAX Routers
      08 February 2014
    
    Enabling public key authentication on the EdgeMAX router is not as straight forward as manually configuring sshd_config and adding an authorized key. Running through the CLI configuration manager is the appropriate procedure in this case. Using the configure command, the ssh settings and the public key will be added to the routers configuration file, which is convenient when backing up settings and restoring configurations.
The setup is based on the EdgeRouter Lite (firmware v1.4.0) and the ubnt wiki.
Setup
In steps 2 and 4, substitute the appropriate username and router IP address.
- Generate keys on client machine
- SCP file to router home: scp ~/.ssh/id_rsa.pub USERNAME@ROUTERIP:~/id_rsa.pub
- configure
- loadkey USERNAME ~/id_rsa.pub
- set service ssh disable-password-authentication
- commit
- save
- exit
Undo
To enable password authentication again, using an already open ssh session or through the web CLI, delete the configuration line in step 5 above.
- delete service ssh disable-password-authentication
- commit
- save
- exit
Further Reading
blog comments powered by Disqus