Date: Sun, 6 Mar 2005 21:18:23 -0500 From: Danie Du Toit <danie.dutoit@gmail.com> To: Chris Hodgins <chodgins@cis.strath.ac.uk> Cc: FreeBSD-questions@freebsd.org Subject: Re: sshd - public key vs keyboard interactive authentication Message-ID: <8af82589050306181823fb5efd@mail.gmail.com> In-Reply-To: <422BB546.4030302@cis.strath.ac.uk> References: <8af8258905030617207f4be393@mail.gmail.com> <5d2cf692050306174471107d08@mail.gmail.com> <422BB546.4030302@cis.strath.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the responses - all set! On Mon, 07 Mar 2005 01:58:30 +0000, Chris Hodgins <chodgins@cis.strath.ac.uk> wrote: > Jeff With wrote: > >>So, my questions: > >> > >>1. How do I disable password authentication - i.e. force to use the DSA keys? > > > > > > Make sure all 'password' auth is disabled and publickey is enabled. > > > > <sshd_config> > > > > PasswordAuthentication no > > UseLogin no > > UsePAM no > > PubkeyAuthentication yes > > > > > >>2. Can I use both for added security - i.e. using the keys and then > >>get prompted for password? > > > > > > There was some work stared on this type of thing last year, but I > > don't think it was every finalized... > > > > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=108552250117169&w=2 > > > > - jw > > You can add a passphrase to your key using ssh-keygen. If you use a > password you get something like this when you login. > > chris@laptop:/usr/home/chris$ ssh myserver.net > Enter passphrase for key '/home/chris/.ssh/id_dsa': > > Chris >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8af82589050306181823fb5efd>