RE: Disable SSH authentication
- From: "Sharath Ballal" <Sharath.Ballal@xxxxxxxxxx>
- Date: Fri, 17 Oct 2008 12:18:57 +0530
# Disallow non-root logins when /etc/nologin exists.I didn't have that line in my box and didn't bother to verify what '
pam_nologin.so' stands for. Now I checked that /etc/nologin did not
exist in my box (that explains why it worked).
-Sharath.
-----Original Message-----
From: Kosala Atapattu [mailto:kosala.atapattu@xxxxxxxxx]
Sent: Thursday, October 16, 2008 11:12 AM
To: Sharath Ballal
Cc: Christian Grunfeld; chaoson; secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: Disable SSH authentication
Hi Sharath,
On Thu, Oct 16, 2008 at 8:29 AM, Sharath Ballal
<Sharath.Ballal@xxxxxxxxxx> wrote:
Kosala ,
BTW, I'm not the originator of the request... it's chaoson.
You can still use SSH with PAM and skip both password and keyauthentication by changing the following entry in /etc/pam.d/sshd file
and commenting other auth entries.
and comment all others in this category (I guess even commenting other
auth sufficient pam_nologin.so no_warn
i.e. Change the pam_nologin.so to "sufficient" in the auth category
entries may not be required since we made it "sufficient" but it has to
be the first entry, you can try that out).
I see this in my Ubuntu box.
# Disallow non-root logins when /etc/nologin exists.
account required pam_nologin.so
The description gives a different definition to pam_nologin.so.
Kosala
- References:
- Disable SSH authentication
- From: chaoson
- Re: Disable SSH authentication
- From: Christian Grunfeld
- Re: Disable SSH authentication
- From: Kosala Atapattu
- Re: Disable SSH authentication
- From: Christian Grunfeld
- RE: Disable SSH authentication
- From: Sharath Ballal
- Re: Disable SSH authentication
- From: Kosala Atapattu
- Disable SSH authentication
- Prev by Date: Re: making telnet secure
- Next by Date: Re: is ssh tunneling a security risk?
- Previous by thread: Re: Disable SSH authentication
- Next by thread: Re: Disable SSH authentication
- Index(es):
Relevant Pages
|
