Re: is pam working?

To: Dr Gavin Seddon <gavin.m.seddon@man.ac.uk>
Cc: Dr Gavin Seddon <gavin.m.seddon@manchester.ac.uk>, amd64list <debian-amd64@lists.debian.org>
Subject: Re: is pam working?
From: lsorense@csclub.uwaterloo.ca (Lennart Sorensen)
Date: Wed, 27 Jul 2005 11:51:27 -0400
Message-id: <[🔎] 20050727155127.GS6714@csclub.uwaterloo.ca>
In-reply-to: <[🔎] 1122478555.2700.2.camel@localhost.localdomain>
References: <[🔎] 1122462403.2999.3.camel@localhost.localdomain> <[🔎] 20050727131606.GO6714@csclub.uwaterloo.ca> <[🔎] 1122478555.2700.2.camel@localhost.localdomain>

On Wed, Jul 27, 2005 at 04:35:55PM +0100, Dr Gavin Seddon wrote:
> Hi,
> Is it here that needs modification in /etc/ssh/sshd_config
> 
> # Authentication:
> LoginGraceTime 600
> PermitRootLogin no
> StrictModes yes
> I do have
> UsePAM yes
> 
> Gavin.
> RSAAuthentication yes
> PubkeyAuthentication yes

I believe allowing rsa and pubkey authentication would mean anyone with
a valid ssh key could login even if pam says no.  I am not sure though
since I don't personally have a need to disable ssh for any users.

PasswordAuthentication yes
would allow ssh to authenticate against the password file itself I
believe.  I think it has to be set to no to only allow other methods.
If all methods are set to no explicitly other than pam, then I would
think only pam would be used.

Len Sorensen

Reply to:

References:
- is pam working?
  - From: Dr Gavin Seddon <gavin.m.seddon@man.ac.uk>
- Re: is pam working?
  - From: lsorense@csclub.uwaterloo.ca (Lennart Sorensen)
- Re: is pam working?
  - From: Dr Gavin Seddon <gavin.m.seddon@man.ac.uk>

Prev by Date: Re: is pam working?
Next by Date: Re: Calling 64 bit apps from 32 bit Chroot]
Previous by thread: Re: is pam working?
Next by thread: Re: is pam working?
Index(es):
- Date
- Thread