Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade
For what it's worth, I encountered the same problem after updating.
My sshd config used to read:
## commented out for password ssh: ChallengeResponseAuthentication no
PasswordAuthentication no
which I understand:
- don't not process passwords at sshd level
- yes to Challenge/Response (handled by pam if I remember correctly)
Adding:
ChallengeResponseAuthentication yes
made it work again.
Which would mean that:
- the default value to ChallengeResponseAuthentication switched from Y to N with this update;
- people who report being surprised of having "PasswordAuthentication no" in their config were
probably using challenge/response as I did.
I think I remember there was a reason for using challenge/response through pam instead
of direct password.
I see some activity about that in the changelog (1:4.1p1-1 for instance, says:
"Disable ChallengeResponseAuthentication in new installations, returning
to PasswordAuthentication by default, since it now supports PAM and
apparently works better with a non-threaded sshd (closes: #247521).")
Anybody knowledgeable has an opinion?
Thanks
Reply to: