*** auth.c.orig	Tue Sep  2 17:32:46 2003
--- auth.c	Fri Sep 19 08:47:22 2003
***************
*** 310,322 ****
  int
  auth_root_allowed(char *method)
  {
  	switch (options.permit_root_login) {
  	case PERMIT_YES:
  		return 1;
  		break;
  	case PERMIT_NO_PASSWD:
! 		if (strcmp(method, "password") != 0)
! 			return 1;
  		break;
  	case PERMIT_FORCED_ONLY:
  		if (forced_command) {
--- 310,336 ----
  int
  auth_root_allowed(char *method)
  {
+         int i;
+         int root_allowed = 1;
+ 
+         char *no_pw_methods[] = {
+             "password",
+             "keyboard-interactive",
+             NULL
+         };
+ 
  	switch (options.permit_root_login) {
  	case PERMIT_YES:
  		return 1;
  		break;
  	case PERMIT_NO_PASSWD:
!                 for (i = 0; no_pw_methods[i] != NULL; i++) 
!                     if (strncmp(method, no_pw_methods[i], strlen(no_pw_methods[i])) == 0) { 
!                         debug2("Method %s denied for root", no_pw_methods[i]);
!                         root_allowed = 0;
!                     }
!                 if (root_allowed)
!                     return 1;
  		break;
  	case PERMIT_FORCED_ONLY:
  		if (forced_command) {