Recently, we wanted to connect to a machine via
SSH without using the default
RSA key that was available in the client’s profile (
We needed to avoid using the public key authentication method for two reasons:
- The client did not want to share the passphrase with us
- We did not want to move the key, not even temporarily
So, to connect via
SSH while ignoring the key completely we connected using the following command
ssh -o PreferredAuthentications=keyboard-interactive,password -o PubkeyAuthentication=no [email protected];
Explanation of parameters:
-o Was used to give options in the format used in the configuration file (
/etc/ssh/ssh_config). It is useful for specifying options for which there is no separate command-line flag available.
-o PreferredAuthentications can be used to change the default order of authentication and bypass the
GSSAPI-based authentication, the
host-based authentication, the
public key authentication and the
-o PreferredAuthentications=keyboard-interactive,password instructs the server to perform the authentication through the
keyboard-interactive method and if that method is not available to use the
keyboard-interactive authentication method is a request for all different pieces of information needed for the authentication. The server can specify, which inputs need to be hidden when user types them and which are not.
password authentication is a request for a single password. There is no configuration sent by the server. So the client decides how to format the prompt.
-o PubkeyAuthentication=no Specifies whether to try public key authentication. By setting the value to
no it disables it.