I successfully tested this:
sudo sed -E -i 's|^#?(PasswordAuthentication)\s.*|\1 no|' /etc/ssh/sshd_config
if ! grep '^PasswordAuthentication\s' /etc/ssh/sshd_config; then echo 'PasswordAuthentication no' |sudo tee -a /etc/ssh/sshd_config; fi
This will use sed
to edit the file in-place. In addition to replacing whatever follows PasswordAuthentication
with no
, it will remove the comment at the beginning of the line, which is there by default on Ubuntu. If this command is run a 2nd or 3rd time, there will be no additional change to the file.
The second line adds the config option to the file in case it was deleted somehow.