[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Sep 22 23:49:30 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=701





------- Additional Comments From jfh at cise.ufl.edu  2003-09-22 23:49 -------
Perhaps then, the wording of the sshd_config(8) man page should be 
modified somewhat:

Change

        If  this option is set to ``without-password'' password
        authentication is disabled for root.

to

	If  this option is set to ``without-password'', logins via the OpenSSH
	password authentication method are disabled for root. Other authentication
	methods (e.g., PAM) may still allow root to login via a password.

Would anyone be interested in a 'publickey' setting for the 'PermitRootLogin'
directive? I should be able to code one up in the next day or so. This would
remove any ambiguity and lock down logins to publickey only.

(Sorry if this is a dup -- I responded via email to Markus' first comment
and it didn't show up -- I'm obviously Bugzilla-impaired :->)

Jim




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list