Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?
On Mon, Mar 08, 2004 at 03:01:54PM +0100, Mario 'BitKoenig' Holbe wrote:
> Package: ssh
> Version: 1:3.8p1-1
>
> Hello,
>
> man sshd_config points out:
> UsePAM Enables PAM authentication (via challenge-response) and session
> set up. If you enable this, you should probably disable
> PasswordAuthentication. If you enable then you will not be able
> to run sshd as a non-root user. The default is ``no''.
>
> Since the debian package defaults to `UsePAM yes' and since
> there seems to be no `PAMAuthenticationViaKbdInt no' anymore,
> could you probably think about defaulting to `PasswordAuthentication no'
> too (maybe one nearby the other)?
Probably a good idea, although changing existing configurations might be
too complicated.
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: