Re: sshd UsePAM, PR bin/32313

To: Michael van Elst <mlelstv%serpens.de@localhost>
Subject: Re: sshd UsePAM, PR bin/32313
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Sun, 22 Nov 2009 16:31:13 -0500

On Sun, Nov 22, 2009 at 10:28:56PM +0100, Michael van Elst wrote:
> On Sun, Nov 22, 2009 at 04:23:09PM -0500, Thor Lancelot Simon wrote:
> 
> > No -- you *don't* want to do this -- you'll end up accepting Kerberos
> > passwords using ChallengeResponseAuthentication
> 
> As always, the computer does what you tell it. The question was
> how to disable password authentication and not how to disabled
> ChallangedResponseAuthentication.

I think you're confused.  If you disable PasswordAuthentication in the
sshd_config file, when pam_unix prompts for a password,
ChallengeResponseAuthentication is used.  If you're now claiming that that
is not a problem, why bother changing the PAM configuration at all?

References:
- sshd UsePAM, PR bin/32313
  - From: Taylor R Campbell
- Re: sshd UsePAM, PR bin/32313
  - From: Michael van Elst
- Re: sshd UsePAM, PR bin/32313
  - From: Martin Husemann
- Re: sshd UsePAM, PR bin/32313
  - From: Michael van Elst
- Re: sshd UsePAM, PR bin/32313
  - From: Thor Lancelot Simon
- Re: sshd UsePAM, PR bin/32313
  - From: Michael van Elst

Prev by Date: Re: sshd UsePAM, PR bin/32313
Next by Date: Re: how do you measure speed?
Previous by Thread: Re: sshd UsePAM, PR bin/32313
Next by Thread: Re: sshd UsePAM, PR bin/32313
Indexes:

Home | Main Index | Thread Index | Old Index