Publicly accessible Azure VM uses password-based SSH authentication

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

A publicly accessible compute instance has password-based SSH authentication. The usage of password-based SSH authentication increases the risk of brute-forcing username and passwords to gain access to the resource.

Remediation

  1. Review Create and manage SSH keys for authentication to a Linux VM in Azure for steps on creating and enabling SSH keys for authentication to compute instances. To transition from Username and Password authentication to SSH, you must deprovision the current VM and create an image of it with SSH as the authentication method. There is no way to transition directly.