* Jim Hyslop wrote: > PermitRootLogin no > RSAAuthentication no > PubkeyAuthentication yes > IgnoreRhosts yes > RhostsRSAAuthentication no > HostbasedAuthentication no > PermitEmptyPasswords no > ChallengeResponseAuthentication no > PasswordAuthentication no > UsePAM yes > Subsystem sftp /usr/lib/openssh/sftp-server
I've also added "Protocol 2" to omit ssh 1 and I set UsePam to no because I wasn't able to prohibit password authentication with PAM enabled. Restricting the allowed users is probably a good idea, too: AllowUsers you Also I am using iptables to limit the per-ip connection tries in a given amount of time: <http://www.debian-administration.org/articles/187>. Cheers, Alex -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]