Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?

To: submit@bugs.debian.org
Subject: Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?
From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@RZ.TU-Ilmenau.DE>
Date: Mon, 8 Mar 2004 15:01:54 +0100
Message-id: <[🔎] 20040308140154.GA8084@darkside.22.kls.lan>
Reply-to: "Mario 'BitKoenig' Holbe" <Mario.Holbe@RZ.TU-Ilmenau.DE>, 236810@bugs.debian.org

Package: ssh
Version: 1:3.8p1-1

Hello,

man sshd_config points out:
  UsePAM  Enables PAM authentication (via challenge-response) and session
          set up.  If you enable this, you should probably disable
          PasswordAuthentication.  If you enable then you will not be able
          to run sshd as a non-root user.  The default is ``no''.

Since the debian package defaults to `UsePAM yes' and since
there seems to be no `PAMAuthenticationViaKbdInt no' anymore,
could you probably think about defaulting to `PasswordAuthentication no'
too (maybe one nearby the other)?


regards,
   Mario
-- 
<jv> Oh well, config
<jv> one actually wonders what force in the universe is holding it
<jv> and makes it working
<Beeth> chances and accidents :)

Reply to:

Follow-Ups:
- Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?
  - From: "Mario 'BitKoenig' Holbe" <Mario.Holbe@RZ.TU-Ilmenau.DE>
- Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?
  - From: Colin Watson <cjwatson@debian.org>
- Bug#236810: marked as done (ssh: sshd_config: disable PasswordAuthentication if UsePAM?)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: SSH disconnection
Next by Date: Bug#236814: ssh: MOTD isn't printed anymore
Previous by thread: Re: SSH disconnection
Next by thread: Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?
Index(es):
- Date
- Thread