On Oct 23, 2005, at 1:17 AM, Chris Buechler wrote:
if anybody knows anything more on PasswordAuthentication vs. keyboard-interactive, I'd be very interested to hear more.
from my experience managing my freebsd systems, setting PasswordAuthentication to no basically just tells sshd not to use the password file directly for authentication. One other configuration parameter, ChallengeResponseAuthentication, causes it to use PAM to do the password authentication (which can be configured to use challenge response ala SecureID or one-time passwords).
If you want to disable normal passwords in sshd, you have to turn *both* of these off. This will then require public/private key pairs to permit logins.
As for keyboard-interactive, that's just SSH's terminology for presenting some kind of password or C/R via the keyboard -- anything outside of the pub/priv keys mechanism.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
