preventing Password logins with SSH2
as I upgrade much of my systems to debian woody, I am
trying to get SSH1 and SSH2 to peacefully co-exist. However
I've hit a snag and was hoping someone knew how to fix this.
on my more sensitive systems I do not permit password
logins(RSA key only). This of course is set via the
PasswordAuthentication no directive in sshd_config.
When I ssh in with version 1(-1 option), it prompts me
for my RSA key, i just hit enter to abort, and try password
authentication, and it immediately disconnects me as it should.
When I ssh in with version 2(-2) option, since I do not have
a DSA key on this particular host it skips the key based
auhentication and prompts me for the password! which, if
I type in the right one it logs me in! this is not the
way I want it to work. I have already tested forcing
SSH to use verison 1 only on a few systems and it works,
but I would like to have version 2 available so I can
migrate to it easier when the time comes.
I have stopped and restarted SSH many times to no
avail. running woody as upgraded today from potato(using
the re-generated config files too)
Is there any way to prevent password logins when using
SSH2 on openssh as included with woody?
I do hope to migrate to SSH2 and drop SSH1, but
as it is now a ton of stuff depends on using RSA
authentication, so I don't intend to make the switch
until all my potato systems are on woody.