Problem:
I'm trying to disable SSH password auth for multiple servers.
Which means I have to modify the sshd_config file.
From
#PasswordAuthentication yes
to
PasswordAuthentication no
I really don't wanna do it one by one. Is there any ways that I can distribute/modify the config file on multiple servers with a single command?
Assumptions you can make:
- Those servers have same OS
- I can broadcast the SSH command to multiple servers at once
Other notes:
I set the config file to listen different address and/or port on each server.
So this could not be done by downloading the updated config file from a central server.
I prefer a text replacement command to do the job
Best Answer
Look into configuration management tools like Puppet, Ansible or cfengine. They are helpful in the long run.
For a one-off, you could use Augeas, that make this change extremly easy, or even
sed
, which is present on most systems without further installs.This can be sent in a simple ssh command: