Date: Mon, 05 Apr 2010 08:52:37 +0200 From: Erik Norgaard <norgaard@locolomo.org> To: freebsd-questions@freebsd.org Subject: Re: SSH root login with keys only Message-ID: <4BB988B5.7090906@locolomo.org> In-Reply-To: <hpb7nh$csf$1@dough.gmane.org> References: <hpaut3$4gl$1@dough.gmane.org> <4BB91FD5.3040403@locolomo.org> <hpb7nh$csf$1@dough.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/04/10 01:35, Marcin Wisnicki wrote: > PasswordAuthentication is already disabled (by default). > I need to disable ChallengeResponseAuthentication however: > > /etc/ssh/sshd_config line 131: Directive 'ChallengeResponseAuthentication' > is not allowed within a Match block > > Same thing for "UsePAM no" (though I would like to keep pam for accounting > and session management) You can configure two daemons one with root access allowed and the other without. Let the one with root access allowed run on a non-standard port. BR, Erik -- Erik Nørgaard Ph: +34.666334818/+34.915211157 http://www.locolomo.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BB988B5.7090906>