User-specific sshd_config?

Bob Proulx bob at
Sat Apr 5 03:41:14 EST 2008

Peter Stuge wrote:
> Bob Proulx wrote:
> > When faced with a similar problem I ran an additional and separate
> > sshd and supplemented the configuration with command line arguments.
> > In this case IIRC -oPasswordAuthentication=no -Port=2222
> > -oPidFile=/var/run/
> Unfortunately the user will still be authenticated by password on
> port 22.

You missed reading (and subsequently trimmed out) the fact that there
were firewall rules involved.  Just because I am a pedant here is what
I said:

> -oPidFile=/var/run/ and installed a control script
> /etc/init.d/sshd.nopass and then adjusted firewall rules accordingly.


I don't know for what purpose the original poster is wanting to use
specialized configuration to turn off passwords but in my case I was
able to use firewall rules to ensure that only that specially
configured port was accessed from an untrusted network.  I was able to
block the normal port and therefore able to block password access.  I
kept password access available from the internal private (and much
more trusted) network.


More information about the openssh-unix-dev mailing list