Disabling Password Login on EdgeMAX Routers
Enabling public key authentication on the EdgeMAX router is not as straight forward as manually configuring sshd_config and adding an authorized key. Running through the CLI configuration manager is the appropriate procedure in this case. Using the configure command, the ssh settings and the public key will be added to the routers configuration file, which is convenient when backing up settings and restoring configurations.
The setup is based on the EdgeRouter Lite (firmware v1.4.0) and the ubnt wiki.
In steps 2 and 4, substitute the appropriate username and router IP address.
- Generate keys on client machine
- SCP file to router home:
scp ~/.ssh/id_rsa.pub USERNAME@ROUTERIP:~/id_rsa.pub
loadkey USERNAME ~/id_rsa.pub
set service ssh disable-password-authentication
To enable password authentication again, using an already open ssh session or through the web CLI, delete the configuration line in step 5 above.
delete service ssh disable-password-authentication
blog comments powered by Disqus