I connect to a server I don't control via SSH.
I use public key access and don't need to be able to connect with a keyboard-interactive password.
I would like to disable keyboard-interactive access to my user so that there is no way for others to hack in this way.
Since I don't control the server, is there a way to set up my user's config file to prevent keyboard-interactive access?
If you have absolutely no control over the server, I don't see a way of doing this, as you don't control server settings, which is where this would have to be.
What you'd need to do is add this to the /etc/ssh/sshd_config file:
Now, this would effectively disable password authentication for all users, which may be undesirable. What you could do then, is put this configuration directive in a Match block, so it only applies to your user, in the same config file:
If you could get the server's admin to do this for you, it might be the way to go.
One other way is to set a really long, random and complicated password for your user, that way you're reasonably protected from random brute-force break-in attempts. Most attackers would likely be using some dictionary-based technique so as long as your password is long and random enough, it should be quite safe.
See "man sshd_config" for more details. Also, the solution I propose was suggested here.
You just need to edit this line from file
/etc/ssh/sshd_configfromyestono:[I assume you're using BASH as your login shell. If not, adjust appropriately...]
In
~/.ssh/authorized_keys, prepend a command specification to each line like this:In
~/.bash-profile, put the following trap at the top:Now you'll just get mail when someone uses a password to enter your account.