Disable Password Auth

kenneth_vkd

Hi
We are looking into hardening our PVE setup. Currently access to the web UI is fairly locked down with restrictive inbound firewall rules and 2FA for all users, including root@pam.
We do, however, plan to update the SSH server configuration to disable password-based authentication entirely, so that you can only access SSH using key-based authentication. This way it becomes more difficult for a potential attacker to access servers if they were to infiltrate a "trusted" network and somehow gain the password for the root user.
Currently running 5 nodes on PVE 7.3, and expanding regularly as needed.

Are there any special considerations for doing this on existing nodes, and will there be a change in the process of joining a new node to the cluster?
 
Hi,

From the top of my head, removing password-based authentication from SSH should be fine for an existing cluster. Upon join, the nodes should install the SSH keys on all other respective nodes. However, if you carry out a join through the GUI, the root password will be used to carry that out. I haven't tested it, but if you manually enter the new node's key beforehand on the other nodes, the join may still succeed. I'll see if I can get around to testing this soon, if you want.
 
As a colleague pointed out to me, you don't even need to exchange the ssh keys manually. We do that via the API these days. So yes, you can just disable password authentication. That should work just fine.
 
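An added example, not part of the thread or Proxmox's own tooling: a shell check that parses the effective settings printed by `sshd -T` and confirms that no password-based login path remains after password authentication is disabled. The function name `check_sshd_effective` and the two sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Real use (as root on each node):  sshd -T | check_sshd_effective
# Without -C, `sshd -T` does not apply Match blocks.
check_sshd_effective() {
    # stdin: "keyword value" lines; status 0 = key-only, 1 = password path left
    awk '
        function want(key, expected) {
            if (!(key in seen)) {
                printf "FAIL %s not reported\n", key; bad = 1
            } else if (seen[key] != expected) {
                printf "FAIL %s=%s (want %s)\n", key, seen[key], expected; bad = 1
            } else {
                printf "ok   %s=%s\n", key, expected
            }
        }
        NF >= 2 { seen[tolower($1)] = tolower($2) }
        END {
            want("passwordauthentication", "no")
            want("pubkeyauthentication", "yes")
            # Keyboard-interactive can still prompt for a password via PAM.
            # Newer OpenSSH names it kbdinteractiveauthentication, older
            # releases challengeresponseauthentication.
            kbd = "challengeresponseauthentication"
            if ("kbdinteractiveauthentication" in seen) kbd = "kbdinteractiveauthentication"
            want(kbd, "no")
            exit bad
        }
    '
}

# Constructed sample: excerpt of `sshd -T` output after hardening.
sample_hardened() {
    cat <<'EOF'
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication no
EOF
}

# Constructed sample: password logins still enabled.
sample_password_on() {
    cat <<'EOF'
pubkeyauthentication yes
passwordauthentication yes
challengeresponseauthentication no
EOF
}

sample_hardened | check_sshd_effective
sample_password_on | check_sshd_effective || echo "password login path still enabled"
```

Checking the effective configuration rather than grepping `sshd_config` catches a later include or drop-in file that turns password authentication back on.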