Date: Tue, 24 Mar 2020 19:52:00 -0400 From: David Mehler <dave.mehler@gmail.com> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: sshd not allowing a subgroup to authenticate according to it's authentication method Message-ID: <CAPORhP4TQFMVcL1TGUb=Ex%2BDkp%2BP7AP8k8=aNDmhxAz00U=60A@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello,
I'm running sshd on FreeBSD 12.1. I'm having an issue, I want users in
a group sftpusers to be able to be logged in via password and to be
chrooted to their home directories. Everytime I try to log in I'm
getting no supported authenticationmethods publickey. From the man
page I thought that a group definition overrode a global configuration
setting. Here's a config snipet:
# Authentication:
AuthenticationMethods publickey
#StrictModes yes
#PubkeyAuthentication yes
#PasswordAuthentication no
#PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM no
AllowAgentForwarding no
AllowTcpForwarding no
#GatewayPorts no
#ChrootDirectory none
Subsystem sftp internal-sftp
# Set up groups for different types of logins
AllowGroups sshusers sftpusers
Match Group sshusers
PubkeyAuthentication yes
PasswordAuthentication no
X11Forwarding no
AllowTcpForwarding no
AllowAgentForwarding no
PermitTunnel no
Match Group sftpusers
ChrootDirectory /home/%u
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no
AllowAgentForwarding no
PermitTunnel no
PermitTTY no
PasswordAuthentication yes
Suggestions welcome.
Thanks.
Dave.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPORhP4TQFMVcL1TGUb=Ex%2BDkp%2BP7AP8k8=aNDmhxAz00U=60A>