On Nov 21, 2007 8:20 AM, Jeremy Chadwick <[EMAIL PROTECTED]> wrote: > On Wed, Nov 21, 2007 at 12:15:36AM +0100, Julian H. Stacey wrote: > > Add > > PermitRootLogin yes > > to > > /etc/ssh/sshd_config > > This should really be "PermitRootLogin without-password". Yes, the > phrase "without-password" looks scary, but it isn't so much -- it allows > root login via passwordless SSH keys only, while simultaneously > continues disallowing root logins via keyboard/password authentication. > sshd_config(5) has details. >
"ChallengeResponseAuthentication no" is also required to avoid sshd accepting keyboard-interactive/pam. -- 裘�� (QIU Quan) <[EMAIL PROTECTED]>
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
