Date: Sun, 4 Apr 2010 23:39:15 +0000 (UTC) From: Marcin Wisnicki <mwisnicki+freebsd@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: SSH root login with keys only Message-ID: <hpb7v3$csf$2@dough.gmane.org> References: <hpaut3$4gl$1@dough.gmane.org> <20100404234959.23966b02@eselhitler>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 04 Apr 2010 23:49:59 +0200, Julian Fagir wrote: > Hi, > >> Is it possible to configure sshd such that both conditions are met: >> >> 1. Root will be able to login only by using keys 2. Normal users will >> still be able to use pam/keyboard-interactive > > perhaps the sshd-option "PermitRootLogin" does match your requirements. > To be found in sshd_config (5). > Unfortunately it doesn't. Assuming you mean 'without-password' option, I would have to disable ChallengeResponseAuthentication for everyone which I would like to avoid. It is not possible to disable ChallengeResponseAuthentication inside match block.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?hpb7v3$csf$2>