On Thu, Mar 11, 2010 at 9:55 PM, Steve Holdoway <st...@greengecko.co.nz> wrote: > no - still being prompted for a password...
Steve, I hope you're testing with ssh -v so you can see all the methods the ssh server is advertising. Rob, I hope you've set "PasswordAuthentication no" in /etc/ssh/sshd_config (and restarted sshd). I also hope that you have whitelisted places you know you might be connecting from in /etc/hosts.allow :-) Hads, you're right that a connection attempt denied by sshd can move on to the next authentication method, which often means that you get asked for a password. However, denyhosts logs IP addresses in /etc/hosts.deny, and sshd is usually compiled to look at tcpwrappers, so people who have failed to login too many times will eventually get no ACK from sshd at all. -jim
