Chaskiel M Grundman <[EMAIL PROTECTED]> writes:
> Russ Allbery <[EMAIL PROTECTED]> wrote:
>> UsePAM yes
>> PasswordAuthentication no
> ....
Oh, wait, I see what you're saying. Sorry for being dense; I wasn't
registering password as distinct from keyboard-interactive for some
reason, even though you were very clear in the original bug report. My
bad.
I remember this issue now. This is kind of documented in the sshd_config
man page in the following cryptic reference:
UsePAM Enables PAM authentication (via challenge-response) and session
set up. If you enable this, you should probably disable
PasswordAuthentication.
This looks like it's fixed in experimental for the regular ssh packages,
so once that version migrates into unstable, we should probably re-merge
with their packages to pick up this fix. Your reference to:
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=242119>
clearly explained the whole thing. Thank you for the report! My
apologies for the misunderstanding.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
