Bug#250369: Debian bugs: sshd - PAM and password auth: fixed upstream

To: Marc Haber <mh+debian-bugs@zugschlus.de>
Cc: 250369-maintonly@bugs.debian.org
Subject: Bug#250369: Debian bugs: sshd - PAM and password auth: fixed upstream
From: Darren Tucker <dtucker@zip.com.au>
Date: Fri, 02 Jul 2004 21:58:14 +1000
Message-id: <40E54DD6.6020308@zip.com.au>
Reply-to: Darren Tucker <dtucker@zip.com.au>, 250369-maintonly@bugs.debian.org
In-reply-to: <20040702112548.GE16991@torres.ka0.zugschlus.de>
References: <40E34CD0.2070104@zip.com.au> <20040702112548.GE16991@torres.ka0.zugschlus.de>

Marc Haber wrote:

Actually, I think that #250369 is an issue with Debian packaging,
adding UsePAM unconditionally on update which is not intended on
systems that have passwordauthentication=no.

I see. I don't think you need to disable PAM entirely (the account andsession modules might still be useful).

What you probably want instead is "ChallengeResponseAuthentication no"in addition to to "PasswordAuthentication no". This will prevent userslogging on using their passwords via CR/keyboard-interactive, whichappears to be what's happening in your case.


--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Reply to:

References:
- Bug#250369: Debian bugs: sshd - PAM and password auth: fixed upstream
  - From: Marc Haber <mh+debian-bugs@zugschlus.de>

Prev by Date: Bug#250369: Debian bugs: sshd - PAM and password auth: fixed upstream
Next by Date: Bug#257324: FTBFS: illegal instruction on ARM
Previous by thread: Bug#250369: Debian bugs: sshd - PAM and password auth: fixed upstream
Next by thread: Bug#257324: FTBFS: illegal instruction on ARM
Index(es):
- Date
- Thread