Re: is pam working?
On Wed, Jul 27, 2005 at 04:35:55PM +0100, Dr Gavin Seddon wrote:
> Hi,
> Is it here that needs modification in /etc/ssh/sshd_config
>
> # Authentication:
> LoginGraceTime 600
> PermitRootLogin no
> StrictModes yes
> I do have
> UsePAM yes
>
> Gavin.
> RSAAuthentication yes
> PubkeyAuthentication yes
I believe allowing rsa and pubkey authentication would mean anyone with
a valid ssh key could login even if pam says no. I am not sure though
since I don't personally have a need to disable ssh for any users.
PasswordAuthentication yes
would allow ssh to authenticate against the password file itself I
believe. I think it has to be set to no to only allow other methods.
If all methods are set to no explicitly other than pam, then I would
think only pam would be used.
Len Sorensen
Reply to: