Make sure Public Key Authentication is active


The PubkeyAuthentication SSHD configuration specifies whether public key authentication is allowed.

this is active by default. This test ensures the default configuration is in place.

Why you should not disable Public Key

Public keys are safer and less subject to brute force attacks than other authentication methods. Public key ensures that passwords won’t be sent over the network, providing an additional layer of security. Additionally, SSH keys aren’t human generated, so you’ll avoid having easy-to-guess keys like “123456” or “password”. Finally, you can add a password to your SSH key authentication (multi-factor authentication) to increase security even further.

How to re-enable Public key authentication

You need to delete the line containing PubkeyAuthentication, since the default value is the correct one.

Look for PubkeyAuthentication at /etc/ssh/sshd_config:

grep PubkeyAuthentication /etc/ssh/sshd_config

If the output isn’t empty, the argument is present in the file. Edit the file /etc/ssh/sshd_config and replace the current PubkeyAuthentication value for yes. If the line is commented (contains a leading #), uncomment it removing the leading #.

If the output is empty, this argument could still be defined in a .conf file at /etc/ssh/sshd_config.d/. Check there too:

grep PubkeyAuthentication /etc/ssh/sshd_config.d/*.conf
The /etc/ssh/sshd_config.d/ directory doesn’t exist at Ubuntu 18.04, you only need to check it if you`re using Ubuntu 20.04 or more recent.

If the output isn’t empty, edit the file where the argument is defined, changing its value to yes.

If you couldn’t find the argument definition anywhere, edit the file /etc/ssh/sshd_config and include the following line:

PubkeyAuthentication yes

Finally, restart the SSHD service:

sudo systemctl restart sshd