Following your Key-Based SSH Logins With PuTTY step #9: Disable Username/Password Logins, I made the changes to sshd_config: Protocol 2 PasswordAuthentication no UsePAM no Then tried to restart sshd and got the following error: Could not load host key: /etc/ssh/ssh_host_ecdsa_key [....] Restarting OpenBSD Secure Shell server: sshdCould not load host key: /etc/ssh/ssh_host_ecdsa_key So consequently I can still SSH as root. I checked and ssh_host_ecdsa_keys were missing so I ran: ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ”password It created the keys but I still get the same error when restarting sshd "Could not load host key: /etc/ssh/ssh_host_ecdsa_key" Your help would be appreciated, Thanks.
Solved the problem with the keys by uninstalling SSH and reinstalling it: apt-get purge openssh-server and then apt-get install ssh openssh-server Made changes again to sshd_config - restarted sshd and still can log in as root or with keys Can also ftp to server using root and password I've doubble checked sshd_config and the changes are correct?
To allow only key based loginsm set: PermitRootLogin without-password and restart sshd. I guess you mix up ftp with sftp. SFTP is ssh and not ftp and therefor part of the sshd. Root logins by ftp are not possible as pure-ftpd forbids that by default.
Thanks That fixed it! Yes, I think ftp but never use it, always use sftp. Just finished: The Perfect Server - Debian 8 Jessie (Apache2, BIND, Dovecot, ISPConfig - without any problems! Thanks for all your work!