Everything was ready out the box…
I did have fun as my configuration in my client application was set to point to an IP rather than the hostname.
Some related notes:
Note, I'd added the user account to the group “sftp” which then made it specifically an sftp
account and blocked it for ssh
using the basic configuration. I got the error “the session allows sftp connections only” when trying to ssh
. Removing the account from the group fixed things.
# Create sftp group and add user groupadd sftp usermod -a -G sftp david # Restart SSH - 2 methods systemctl restart ssh service ssh reload # Remove user from group gpasswd -d david sftp # View groups groups david
Disable Passwords
Make sure you have a key (or a host who can let you back in if you loose it) before doing this.
Edit the file:
sudo vi /etc/ssh/sshd_config
Change this bit from “yes” to “no”:
# To disable tunneled clear text passwords, change to no here! PasswordAuthentication no #PermitEmptyPasswords no
Restart SSH:
sudo systemctl restart ssh