[Bug 983] Required authentication

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Jan 8 08:09:15 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=983

--- Comment #26 from Paul Sery <pgsery at swcp.com> 2010-01-08 08:09:14 EST ---
The configuration below is incorrect. When using protocol 2, it should
read:

...
RequiredAuthentications2 password

Also, there's no need to specify publickey in conjunction with other
authentication methods because it will always be tried first (as
specified in the rfc).

You could use the following config if you want to use hostbased and
password together (protocol 2):

...
RequiredAuthentications2 hostbased
RequiredAuthentications2 password

(In reply to comment #24)
> Created an attachment (id=1667)
 --> (https://bugzilla.mindrot.org/attachment.cgi?id=1667) [details]
> Updates RequierdMethods patch to -current
> 
> Use the following sshd_config:
>    UsePrivilegeSeparation no
>    UsePAM no
>    RequiredAuthentications1 password
>    RequiredAuthentications2 publickey
> 
> Get following error w/ UsePrivilegeSeparation yes
> 
> debug2: input_userauth_request: try method password
> debug3: mm_auth_password entering
> debug3: mm_request_send entering: type 10
> mm_request_receive_expect: read: rtype 10 != type 24
> 
> Need to add RequiredMethods logic to

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching someone on the CC list of the bug.
You are watching the reporter.


More information about the openssh-bugs mailing list