[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#236810: ssh: sshd_config: disable PasswordAuthentication if UsePAM?

On Mon, Mar 08, 2004 at 03:01:54PM +0100, Mario 'BitKoenig' Holbe wrote:
> Package: ssh
> Version: 1:3.8p1-1
> 
> Hello,
> 
> man sshd_config points out:
>   UsePAM  Enables PAM authentication (via challenge-response) and session
>           set up.  If you enable this, you should probably disable
>           PasswordAuthentication.  If you enable then you will not be able
>           to run sshd as a non-root user.  The default is ``no''.
> 
> Since the debian package defaults to `UsePAM yes' and since
> there seems to be no `PAMAuthenticationViaKbdInt no' anymore,
> could you probably think about defaulting to `PasswordAuthentication no'
> too (maybe one nearby the other)?

Probably a good idea, although changing existing configurations might be
too complicated.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: