[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Sep 22 23:49:30 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=701
------- Additional Comments From jfh at cise.ufl.edu 2003-09-22 23:49 -------
Perhaps then, the wording of the sshd_config(8) man page should be
modified somewhat:
Change
If this option is set to ``without-password'' password
authentication is disabled for root.
to
If this option is set to ``without-password'', logins via the OpenSSH
password authentication method are disabled for root. Other authentication
methods (e.g., PAM) may still allow root to login via a password.
Would anyone be interested in a 'publickey' setting for the 'PermitRootLogin'
directive? I should be able to code one up in the next day or so. This would
remove any ambiguity and lock down logins to publickey only.
(Sorry if this is a dup -- I responded via email to Markus' first comment
and it didn't show up -- I'm obviously Bugzilla-impaired :->)
Jim
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list