l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2005 Jul 22 15:07

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] sshd_config and PasswordAuthentication
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] sshd_config and PasswordAuthentication



on Fri, Jul 22, 2005 at 04:20:55PM -0400, David Hummel (dhml@comcast.net) wrote:
> On Fri, Jul 22, 2005 at 12:02:41PM -0700, Karsten M. Self wrote:
> > 
> > on Fri, Jul 22, 2005 at 10:01:32AM -0500, Jay Strauss (me@heyjay.com) wrote:
> > >
> > > I thought you were telling me that when this is set to "no" then I
> > > still type my password, then some magic happens, and I login to the
> > > remote box but I never send my password down the line.
> > 
> > No.  If "PasswordAuthentication no" is set in /etc/ssh/sshd_config, on
> > the remote host, then you *must* use another method, and my
> > understanding is that this limits you to SSH-passkey.  Your remote
> > password (tunneled and encrypted or not) *won't* work.
> 
> If you want to fully disable password auth, it is still necessary to set
> ChallengeResponseAuthentication to no.

My understanding is that ChallengeResponseAuthentication refers to S/Key
passwords.  This is a one-time password scheme which removes many of the
downsides of password-based authentication.


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Integrity, we've heard of it:  http://www.theregister.co.uk/

Attachment: signature.asc
Description: Digital signature

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.