On Wed, 2014-04-16 at 20:08 +0200, David Kreuter wrote: > Hi, > > > Today I faced the issue that Kerberos authentication stopped working > after disabling PasswordAuthentication in /etc/ssh/sshd_config on a > FreeIPA client. The deactivation of this option was done due to > security issues. > > > Is it really necessary to have this option set to yes when using > Keberos authentication?
No, GSSAPI authentication does not need PasswordAuthentication, of course it requires valid kerberos credentials on the client and a valid keytab on the server. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
