SSH – remote login

Introduction

SSH (Secure Shell) is a tool used to connect to remote computers securely. It offers various ways to authenticate yourself, and the order in which these methods are tried can affect your connection.

In this guide, we’ll discuss the different SSH authentication methods and how to control their order. We’ll cover:

  • Authentication Methods: The different ways you can log in.
  • Authentication Order: How SSH tries these methods.
  • Configuring Order: How to change the order on your computer.

Authentication Methods

SSH offers several ways to log in:

  • Password: The most common way, but also the least secure.
  • SSH Keys: A more secure method that uses a pair of keys (public and private).
  • Kerberos: A single sign-on system used in some networks.
  • Host-based Authentication: Less secure and usually used in internal networks.

Controlling Authentication Order

You can control the order in which SSH tries these methods using the following options:

  • AuthenticationMethods (server): Specifies the required order for authentication methods on the server.
  • PreferredAuthentications (client): Sets the preferred order for authentication methods on the client.

Example:

To require password authentication followed by SSH keys on the server, add this line to /etc/ssh/sshd_config:

AuthenticationMethods password,publickey

To prefer SSH keys over passwords on the client, add this line to /etc/ssh/ssh_config:

PreferredAuthentications publickey,password

Summary

By understanding SSH authentication methods and how to control their order, you can improve the security of your connections and make them more convenient.