diff --git a/nodepool/elements/infra-package-needs/post-install.d/89-sshd b/nodepool/elements/infra-package-needs/post-install.d/89-sshd
index 4e4c93b5ab..46cc60f68e 100755
--- a/nodepool/elements/infra-package-needs/post-install.d/89-sshd
+++ b/nodepool/elements/infra-package-needs/post-install.d/89-sshd
@@ -25,4 +25,9 @@ set -o pipefail
 # NOTE(pabelanger): Glean configures access for root user, so allow us to
 # properly login.
 sed -i -e'/PermitRootLogin/d' /etc/ssh/sshd_config \
-    && echo "PermitRootLogin Yes" >> /etc/ssh/sshd_config
+    && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+
+# NOTE(clarkb): Glean configures ssh keys only and not passwords. Disable
+# unnecessary password auth.
+sed -i -e '/PasswordAuthentication/d' /etc/ssh/sshd_config \
+    && echo "PasswordAuthentication no" >> /etc/ssh/sshd_config