On 6/8/17 9:38 AM, Brent Kimberley wrote: > > Does sshd need to be recompiled - in order to completely disable > password authentication? > > > > I would like to reduce the number of false positives in /var/log/secure > > ^.*sshd.*: Invalid user .* from .*$ > > ^.*sshd.*: reverse mapping checking getaddrinfo for .* failed - > POSSIBLE BREAK-IN ATTEMPT!$ > > ^.* sshd.*: input_userauth_request: invalid user .*$ >
In theory, should be able to disable ChallengeResponseAuthentication and PasswordAuthentication, then call it a day. Never actually tried, though.
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
