sshd: Is PasswordAuthentication disabled on the Production image?

parsenault-intelcom · April 4, 2025, 5:58pm

Hi! I’m trying to verify if the sshd service has PasswordAuthentication disabled on the BalenaOS production image.

Under /etc/ssh, I found 3 sshd_config files: sshd_config sshd_config_development and sshd_config_readonly:

sshd_config and sshd_config_development do not define PasswordAuthentication, so it would default to yes
sshd_config_readonly explicitely disables PasswordAuthentication with PasswordAuthentication no

Questions:

What sshd_config file is used by the sshd service?
Is PasswordAuthentication disabled on the Production image?

I’m using balenaOS 6.5.9 on Raspberry Pi 4 (using 64bit OS)

klutchell · April 11, 2025, 7:11pm

Hey there, welcome to the forums and thanks for the question!

I can confirm that SSH password authentication is disabled on production images.
Passwordless access is enabled for development images unless SSH keys are provided via config.json.

You can read more about the differences between production and development modes here.

I hope this helps!

Topic		Replies	Views
Remove empty password login for root from balenaOS dev image balenaOS	7	576	June 21, 2022
Why is the 22222 port open in Production mode? balenaOS	3	857	July 24, 2019
How to disable local ssh on balena OS Product support ssh	6	403	August 30, 2022
Some help for a begginner balenaOS	1	412	April 2, 2020
Protect Services balenaOS docker , security	3	562	July 2, 2020

sshd: Is PasswordAuthentication disabled on the Production image?

Related topics