This is managed in the configuration of the SSH server. You don't provide enough information as to what 'known in FreeIA' means in your use case, but, assuming you mean users are FreeIPA users, by default you would be using GSSAPI with SSH. Assuming also there's a HBAC rule in place to allow SSH access to the host or hostgroup in question, SSH keys would be an additional mechanism to kerberos. Check the sshd_config manual page for PasswordAuthentication and AuthenticationMethods for additional information.
On Wed, May 5, 2021 at 10:46 AM Tony Brian Albers via FreeIPA-users < [email protected]> wrote: > Hiya, > > I'm trying to set up a host where users can only log on using ssh keys. > But the users must be known in FreeIPA. > > So, how do I go about disabling password-based logins? I only want to > allow key-based logins. > > TIA > > /tony > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
