On Tue, Jun 05, 2001 at 03:44:28PM -0700, Karsten M. Self wrote: > > I don't know that it's possible to disable password authentication, or PasswordAuthentication no or if you want to do it on a user by user basis add: auth required pam_listfile.so item=user sense=deny \ file=/etc/ssh/ssh_rsa_only onerr=succeed to /etc/pam.d/ssh then add users who should not be allowed to authenticate via passwords to /etc/ssh/ssh_rsa_only > to require passphrase authentication (unsecured RSA keys *are* a > security threat). no way to prevent that, the passphrase is only known to the client, and the client program is what takes care of asking it and decrypting the private key. there is no way for the server to know much less enforce passphrase rules on RSA/DSA keys. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgphz0u7P_BT6.pgp
Description: PGP signature