Date: Thu, 12 Feb 2004 22:29:01 -0500 From: Dragoncrest <dragoncrest@voyager.net> To: Clint Gilders <techservices@onlinehobbyist.com>, freebsd-questions@freebsd.org Subject: Re: Problem with ssh Message-ID: <5.2.0.9.2.20040212222637.00a2c9c0@pop.voyager.net> In-Reply-To: <402BDE2D.2050706@onlinehobbyist.com> References: <20040212200417.GF17922@nkinkade> <200402121949.i1CJnI5q083815@mail5.mx.voyager.net> <20040212200417.GF17922@nkinkade>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:12 PM 2/12/04 -0500, Clint Gilders wrote:
>Nathan Kinkade wrote:
> > Uncomment the following line /etc/ssh/sshd_config and HUP sshd:
>>#PasswordAuthentication yes
>
>You also want to set that to 'no'
>
>PasswordAuthentication no
Well, that's the kicker. I've got that already in my sshd_config
file and I've restarted SSHD and still no go. Here's my current config
file. The weird part is this used to work.
########################################################
# This is ssh server systemwide configuration file. See sshd(8)
# for more information
Port 22
Protocol 2
HostDsaKey /etc/ssh/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 120
KeyRegenerationInterval 3600
PermitRootLogin no
# After 3 unauthenticated connections, refuse 50% of the new ones, and
# refuse any more than 10 total.
MaxStartups 3:50:10
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
PrintLastLog yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel VERBOSE
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
ChallengeResponseAuthentication no
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
CheckMail yes
#UseLogin no
Banner /etc/issue.net
#ReverseMappingCheck yes
Subsystem sftp /usr/libexec/sftp-server
AllowUsers dragoncrest
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.2.0.9.2.20040212222637.00a2c9c0>