Key-based SSH authentication
William O'Higgins Witteman
william.ohiggins-H217xnMUJC0sA/PxXw9srA at public.gmane.org
Mon Nov 20 15:55:21 UTC 2006
On Mon, Nov 20, 2006 at 10:34:52AM -0500, G. Matthew Rice wrote:
>William O'Higgins Witteman <william.ohiggins-H217xnMUJC0sA/PxXw9srA at public.gmane.org> writes:
>> Changing PasswordAuthentication to "no" doesn't work, because it has
>> always been set to "no".
>
>Are you certain? from the sshd_config man page:
>
> PasswordAuthentication
> Specifies whether password authentication is allowed. The
> default is ``yes''.
Yup, the difference is that Debian's SSH appears to be compiled with PAM
support, and so the PasswordAuthentication on my sshd_config bears this
comment:
# Change to yes to enable tunnelled clear text passwords
>> The advice to open up a second session to use as a bail-out was
>> essential - I didn't realize that an SSH session will persist even when
>> you restart the daemon. Neat.
>
>That's the same for most (all?) daemons of this sort. Stopping the service
>will kill the daemon listening on the service's port (ie. no more new
>connections) but any children will continue running.
Very cool.
--
yours,
William
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://gtalug.org/pipermail/legacy/attachments/20061120/c6919d67/attachment.sig>
More information about the Legacy
mailing list