SSH password authentication is enabled.

JAB Creations

• June 08, 2026 23:21
• Edited

SSH password authentication is enabled.

Disable SSH password authentication in the “SSH Password Authorization Tweak” area

No, I don't want just anyone to authenticate as root by disabling password authentication. What kind of security notice is this? I authenticate via SSH as root with a required password, this is normal. I need SSH access as an administrator. I looked in to the file sshd_config and came across the following via https://linux.die.net/man/5/sshd_config:

PermitRootLogin
Specifies whether root can log in using ssh(1). The argument must be ''yes'', ''without-password'', ''forced-commands-only'', or ''no''. The default is ''yes''.

If this option is set to ''without-password'', password authentication is disabled for root.

If this option is set to ''forced-commands-only'', root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root.

  If this option is set to ''no'', root is not allowed to log in.

I am authenticating as root when I need to. This error either needs to be strongly corrected or disabled outright. I'd be grateful for meaningful response from one of our cPanel friends please. I really don't need emails from the serving complaining that everything is fine.

• 

  cPRex Jurassic Moderator

  • June 09, 2026 14:03

  Hey there!  We've always recommend that users configure SSH keys for additional security, so that isn't a new change.

  The Security Advisor data gets stored in /var/cpanel/security_advisor_history.json so it will only send you notifications if there is a change or update when the nightly maintenance is run.

  Since that is the case, you shouldn't continually receive notifications about the SSH configuration after the first one.

  For additional security you may also want to change the SSH port.

  0
• 

  JAB Creations

  • June 09, 2026 15:37

  Hi Rex! So I use PuTTY to do SSH with the server. When I setup a new server it asks if I want to trust the certificate. I'm happy to learn how to handle SSH keys but may I please have some helpful direction on how to handle that?

  0
• 

  cPRex Jurassic Moderator

  • June 10, 2026 18:18

  There's a difference between that standard "are you sure you want to connect" and using an actual SSH key.

  If you scroll down about halfway there's a guide here:

  https://www.cpanel.net/blog/tips-and-tricks/secure-your-cpanel-server-with-ssh-keys-and-public-key-cryptography/

  but SSH keys are the same across all Linux systems and aren't special to cPanel.

  You don't *have* to use one at all if you don't want, and it shouldn't continue to ping you about it until the next major server update.

  0

Please sign in to leave a comment.