PAM auth stage rejection not working
Christian Pfaffel
flash at itp.tu-graz.ac.at
Thu Jan 22 02:30:06 EST 2004
Nick Burrett <nick at dsvr.net> writes:
> The contents of sshd_config are:
>
> Port 22
> Protocol 2,1
> HostKey /usr/local/etc/ssh/ssh_host_key
> HostKey /usr/local/etc/ssh/ssh_host_rsa_key
> HostKey /usr/local/etc/ssh/ssh_host_dsa_key
> ServerKeyBits 768
> LoginGraceTime 600
> KeyRegenerationInterval 3600
> PermitRootLogin no
> IgnoreRhosts yes
> RhostsRSAAuthentication
> StrictModes yes
> X11Forwarding no
> X11DisplayOffset 10
> PrintMotd yes
> KeepAlive yes
> PrintLastLog no
> SyslogFacility AUTH
> LogLevel INFO
> RhostsRSAAuthentication no
> HostbasedAuthentication no
> RSAAuthentication yes
> PasswordAuthentication yes
> PermitEmptyPasswords no
> UsePAM yes
> #ChallengeResponseAuthentication no
> KerberosAuthentication no
> UseLogin no
> Banner /usr/local/etc/issue.net
> Subsystem sftp /usr/libexec/openssh/sftp-server
> MaxStartups 10:30:60
>
>
You might want to add
PasswordAuthentication no
to your sshd_config have a look at sshd_config(5) and search for
UsePAM.
regards,
Christian Pfaffel
--
Christian Pfaffel <flash at itp.tu-graz.ac.at>
Technische Universität Graz Telefon: +43 / 316 / 873 - 81 90
Institut für Theoretische Physik Telefax: +43 / 316 / 873 - 86 78
Petersgasse 16, A-8010 Graz http://fubphpc.tu-graz.ac.at/~flash/pubkey.gpg
More information about the openssh-unix-dev
mailing list