On 16/09/2004 Frank Lichtenheld wrote: > On Wed, Sep 15, 2004 at 03:58:17PM +0200, Jonas Meurer wrote: > > after i changed PermitRootLogin from 'yes' to 'without-password', i was > > still able to login from a remote box without any key, and with typing > > the root password, not the key passphrase. > > Are you sure you disabled PAM authentication which is the default > authentication method in the current packages? It is documented that > there are password based authentication methods that aren't covered by > without-password: > <quote sshd_config(5)> > If this option is set to ``without-password'' password authenti- > cation is disabled for root. Note that other authentication > methods (e.g., keyboard-interactive/PAM) may still allow root to > login using a password. > </quote>
if i use UsePAM no even normal user pam logins don't work any longer. that's not what i want. bye jonas
