>>>>> "RB" == Rodrick Brown <rodrick.brown@xxxxxxxxx> writes:
RB> Anyone have any experience in granting tickets to users upon login
RB> using pam in a kerberos environment? I'm using Solaris 10's stock
RB> ssh.
SSH can do this by itself, using either ticket-based or password (kinit)
authentication. If you want to do it with PAM, use keyboard-interactive
authentication with UsePAM set, and the pam_krb5 module in the PAM stack
for SSH.
Re: Securing SSH: Does disabling password authentication work? ... keyboard-interactive with pam (would allow auth against LDAP or any ... other authentication method possible with pam) ...public/private keys... I edited my ssh config file to disable the first method, ... (Debian-User)
Re: Confusion on SSH and PAM ... asked because an authentication failure is not a fatal error. ... When authenticating an SSH session, a list of mutually supported methods ... I have keys setup for root to login, but instead of letting me in with those keys, SSHD ignores them, passes me to PAM for password prompting and the denies me out! ... (freebsd-questions)
Re: Repeated attacks via SSH ... > So, Jared Hall wrote: ... This is not sufficient if ssh is using PAM for authentication (because ...PAM will allow root logins). ... (FreeBSD-Security)
