Quiz: SSH Deep Dive

2 questions

L1 (2 questions)

1. Why should you disable SSH password authentication and what do you use instead?

Answer: Passwords are brute-forceable. Use SSH key pairs (Ed25519 preferred). Set PasswordAuthentication no in sshd_config. For teams, use an SSH CA or short-lived certificates via Vault/SSO.

2. How do you limit which users can SSH into a server?

Answer: AllowUsers or AllowGroups in sshd_config. Combine with firewall rules to restrict source IPs. For bastion hosts, use ProxyJump (-J) so internal servers never expose SSH to the internet.