FTP disabled but still have access via SSH key. Is this the expected behavior?

Ben Taylor

• February 12, 2022 09:18

I wanted to disable access to FTP using password auth and only have access via an SSH key. I've setup an SSH key for FTP access and disabled local FTP server. This appears to be exactly what I want but it's a bit confusing. I would have thought that disabling FTP would not allow access via SSH but it still lets me in. My question is, Is this the expected behavior?

• 

  quietFinn

  • February 12, 2022 18:42

  Even if you disable FTP you can still login using SFTP. If you want to disable logging in using password set: PasswordAuthentication no in /etc/ssh/sshd_config and restart sshd.

  0
• 

  cPRex Jurassic Moderator

  • February 14, 2022 15:18

  That's the intended behavior and @quietFinn has a good suggestion, us usual.

  0
• 

  Bruno Mirchevski

  • February 15, 2022 14:48

  Keep in mind that FTP and SSH are different services, thus if you disable one - the other one will remain fully functional. Disabling FTP would prevent you from connecting over FTP or FTPS. Disabling SSH would prevent you from using SSH and SFTP. The one alternative is the one that @quietFinn suggested. The other one, if the main point is to secure your server - is to simply deny access to FTP/SSH ports via WHM -> Host Access Control and allow only the IPs that you would like to be able to reach these services. Personally, I use the first alternative but thanks to my experience with

  0

Please sign in to leave a comment.