Publicly accessible Azure VM uses password-based SSH authentication

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

A publicly accessible compute instance has password-based SSH authentication. The usage of password-based SSH authentication increases the risk of brute-forcing username and passwords to gain access to the resource.

Remediation

  1. Review Create and manage SSH keys for authentication to a Linux VM in Azure for steps on creating and enabling SSH keys for authentication to compute instances. To transition from Username and Password authentication to SSH, you must deprovision the current VM and create an image of it with SSH as the authentication method. There is no way to transition directly.