On Monday 16 May 2005 11:12, Frederik Dannemare wrote: > On Thursday 12 May 2005 20:18, Marc Haber wrote: > [ ... ] > > > "UsePam yes" is generally a _big_ surprise for the local admin > > since it allows passwords to be used even if > > "UsePasswordAuthentification no" is set in sshd_config. > > [ ... ] > > I have exactly those set on a few hosts: > foohost:/var/log# egrep "PasswordAuth|UsePAM" /etc/ssh/sshd_config > PasswordAuthentication no > UsePAM yes > > But from client hosts with no proper pubkey, I get : > $ ssh foohost > Permission denied (publickey). > > From what you mention above, I should actually be prompted for a > password, right? I only remember setting "PasswordAuthentication no" > in sshd_config and I haven't touched any PAM stuff (ie. default Sarge > settings).
Btw, I have "ChallengeResponseAuthentication no" as well. I suspect this is why "UsePAM yes" is not a problem here (with respect to allowing passwords to be used). -- Frederik Dannemare | http://sentinel.dk | http://linuxworlddomination.dk http://qa.debian.org/developer.php?login=Frederik+Dannemare http://www.ubuntulinux.org/wiki/FrederikDannemare Key fingerprint = 30CF 7AD3 17D9 1A63 A730 ECA6 0D4C 2C97 9D9A 238E -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]