[Bug 843] sshd_config.5: add warning to PasswordAuthentication

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon May 3 19:21:03 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=843





------- Additional Comments From dtucker at zip.com.au  2004-05-03 19:21 -------
Created an attachment (id=624)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=624&action=view)
Add detail to UsePAM section of sshd_config

How's this?  For those that don't speak nroff (I don't I just mimic the bits
that look like what I want :-), the text is:

UsePAM	Enables the Pluggable Authentication Module interface.	To
	authenticate via PAM you must use ChallengeResponseAuthentication
	(keyboard-interactive for SSHv2, TIS for SSHv1) so you should
	also set PasswordAuthentication to ``no''.

	If UsePAM and PasswordAuthentication are both enabled, then users
	may authenticate via the native password mechanism, bypassing the
	PAM auth module.  In such a case, the PAM account and session
	modules will still be checked.

	If UsePAM is enabled you will not be able to run sshd as a non-
	root user.  The default is ``no''.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list