Re: disable password authentication with openssh

• Previous message: Roberto C. Sanchez: "bayesian filter training question"
• In reply to: Roberto C. Sanchez: "Re: disable password authentication with openssh"
• Next in thread: Greg Norris: "Re: disable password authentication with openssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "Roberto C. Sanchez" <roberto@familiasanchez.net>
Date: Thu, 29 Sep 2005 15:11:22 -0500

On Thu, 2005-09-29 at 15:46 -0400, Roberto C. Sanchez wrote:
> On Thu, Sep 29, 2005 at 02:44:58PM -0500, Matthew Lenz wrote:
> > I want my users to only be able to ssh into the system using public key
> > authentication. I can't seem to locate which option i need to toggle to
> > only allow pubkey auth.
> >
> In /etc/ssh/sshd_config:
>
> RSAAuthentication yes
> PubkeyAuthentication yes
> PasswordAuthentication no
>
> Of course, remember to restart ssh.
>
> -Roberto

those are the debian sarge openssh defaults you posted and do not
disable logging in using the system password.

here are the debian defaults. exception is the change I made to the
PermitRootLogin param .. can't remember its default.

IgnoreRhosts yes
KeepAlive yes
KeyRegenerationInterval 3600
LoginGraceTime 600
LogLevel INFO
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
Port 22
PrintLastLog yes
PrintMotd no
Protocol 2
PubkeyAuthentication yes
RhostsRSAAuthentication no
RSAAuthentication yes
ServerKeyBits 768
StrictModes yes
Subsystem sftp /usr/lib/sftp-server
SyslogFacility AUTH
UsePAM yes
UsePrivilegeSeparation yes
X11DisplayOffset 10
X11Forwarding no

-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

• Previous message: Roberto C. Sanchez: "bayesian filter training question"
• In reply to: Roberto C. Sanchez: "Re: disable password authentication with openssh"
• Next in thread: Greg Norris: "Re: disable password authentication with openssh"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages sshd and redhat 6.2 (!) ... I need to put ssh in a redhat box and canot upgrade its kernel ... PermitRootLogin no ... If this is enabled, PAM authentication will ... # PasswordAuthentication. ... (comp.security.ssh) Re: Problem with OpenSSH ... PubkeyAuthentication yes ... PermitRootLogin no ... IgnoreUserKnownHoses no ... PasswordAuthentication no ... (SSH) Re: Port =?UTF-8?Q?ge=C3=A4ndert_f=C3=BCr?= SSH, kein Zugriff mehr ... debug1: connect to address 84.182.188.14 port 4500: Connection timed out ... ssh: connect to host xxx.dyndns.org port 4500: Connection timed out ... lass mal das mit PasswordAuthentication aktiv, ... Das User-Passwort ist ziemlich einfach, ... (de.comp.os.unix.shell) openssh, solaris8 and root login ... Question on OpenSSH and password less root login ... Meanwhile I need to disable all direct root login to "server1" using ssh ... from any other client/server except from server2 (as said above, ... Currently PermitRootLogin is set yes in sshd_config. ... (SunManagers) Re: security on linux ... login, and HDST denote the host TO which I want to login to. ... running the ssh client on HSRC and the ssh server on HDST. ... PasswordAuthentication no ... from an arbitrary host. ... (comp.os.linux.misc)