Re: adduser: what is the difference between --disabled-password and--disabled-login
On Monday 16 May 2005 11:12, Frederik Dannemare wrote:
> On Thursday 12 May 2005 20:18, Marc Haber wrote:
> [ ... ]
>
> > "UsePam yes" is generally a _big_ surprise for the local admin
> > since it allows passwords to be used even if
> > "UsePasswordAuthentification no" is set in sshd_config.
>
> [ ... ]
>
> I have exactly those set on a few hosts:
> foohost:/var/log# egrep "PasswordAuth|UsePAM" /etc/ssh/sshd_config
> PasswordAuthentication no
> UsePAM yes
>
> But from client hosts with no proper pubkey, I get :
> $ ssh foohost
> Permission denied (publickey).
>
> From what you mention above, I should actually be prompted for a
> password, right? I only remember setting "PasswordAuthentication no"
> in sshd_config and I haven't touched any PAM stuff (ie. default Sarge
> settings).
Btw, I have "ChallengeResponseAuthentication no" as well. I suspect this
is why "UsePAM yes" is not a problem here (with respect to allowing
passwords to be used).
--
Frederik Dannemare | http://sentinel.dk | http://linuxworlddomination.dk
http://qa.debian.org/developer.php?login=Frederik+Dannemare
http://www.ubuntulinux.org/wiki/FrederikDannemare
Key fingerprint = 30CF 7AD3 17D9 1A63 A730 ECA6 0D4C 2C97 9D9A 238E
Reply to: