Re: Only allow public/private key authentication ?

On 2006-12-15, ctobini <ctemp2@xxxxxxx> wrote:
I would like to know if there is a way to allow only public/private key
authentication, and so what is the exact signification of the
'PasswordAuthentication' configuration option.

I have disabled the PasswordAuthentication option but my sshd server
always asks me for a password and not a passphrase if I don't have the

Assuming you're using OpenSSH and that you have restarted sshd (from
subsequent posts it seems that you have) you may also need to disable
ChallengeResponseAuthentication.

If you have PAM support enabled in sshd and PAM is configured to allow
authentication via password then sshd can also authenticate you via
that method. It looks similar to password authentication but it's
different at the protocol level.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
.

Relevant Pages

  • RE: SSH with OpenSSH and Putty - Please Help!
    ... It looks like your config file doesn't state exactly which file needs to be ... you may need to truss sshd or run sshd in debug foreground mode ... Then test and see if your key-based authentication works. ... Event Log: No supported authentications offered. ...
    (SSH)
  • Re: How do I change the number of logon opportunities from 3 to 1
    ... > sshd is my only method of logging into my system. ... change it at compile time by editing auth.h and changing AUTH_FAIL_MAX ... authentication count too, so if you change that to 1 then many clients ... Good judgement comes with experience. ...
    (SSH)
  • Re: OpenSSH and pam_krb5
    ... > with GSSAPI and PAM authentication. ... this data is present in a separate process (the "authentication ... application (ie sshd). ...
    (SSH)
  • Re: openssh / cygwin : public key authentication
    ... The sshd is launch by user "a" which exist in W2000 and the association is ... When I use public key authentication from a remote host to this one as ... The system account does of course own that user rights by default. ... RSA authentication anyway. ...
    (comp.security.ssh)
  • Re: openssh / cygwin : public key authentication
    ... The sshd is launch by user "a" which exist in W2000 and the association is ... When I use public key authentication from a remote host to this one as ... The system account does of course own that user rights by default. ... RSA authentication anyway. ...
    (comp.security.ssh)