diff --git a/nodepool/elements/infra-package-needs/post-install.d/89-sshd b/nodepool/elements/infra-package-needs/post-install.d/89-sshd
index 4e4c93b5ab..1acece743a 100755
--- a/nodepool/elements/infra-package-needs/post-install.d/89-sshd
+++ b/nodepool/elements/infra-package-needs/post-install.d/89-sshd
@@ -26,3 +26,8 @@ set -o pipefail
 # properly login.
 sed -i -e'/PermitRootLogin/d' /etc/ssh/sshd_config \
     && echo "PermitRootLogin Yes" >> /etc/ssh/sshd_config
+
+# NOTE(clarkb): Glean configures ssh keys only and not passwords. Disable
+# unnecessary password auth.
+sed -i -e '/PasswordAuthentication/d' /etc/ssh/sshd_config \
+    && echo "PasswordAuthentication No" >> /etc/ssh/sshd_config