Date: Mon, 29 Jan 2024 08:47:22 -0500 From: Paul M Foster <paulf@quillandmouse.com> To: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> In-Reply-To: <BHs6axVCDQRUWc9O5KLVIF5b9tVo_qUIXZfJ3ASj6U-6sfJKBhcSrOn_VWfYfrxOQyFSEZKLjQuHbBKJ57NuwR-jAl7kDRYp7ix7bDVgCfk=@proton.me> References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <CPja5CJLsYzkPuo_qd5lnJuUj6lBBCW2uHo3NcbFubhGSKa2gNEu0ETvjZSAwI_-rQFuVvUJR2s10xbz40uL17k1lpLSCiz8azHd77S9LK8=@proton.me> <BHs6axVCDQRUWc9O5KLVIF5b9tVo_qUIXZfJ3ASj6U-6sfJKBhcSrOn_VWfYfrxOQyFSEZKLjQuHbBKJ57NuwR-jAl7kDRYp7ix7bDVgCfk=@proton.me>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 29, 2024 at 01:14:29PM +0000, Jonathan Adams wrote: > ------- Forwarded Message ------- From: Jonathan Adams > <jfadams1963@proton.me> Date: On Monday, January 29th, 2024 at 8:10 AM > Subject: Re: Enabling SSHD To: paulf@quillandmouse.com > <paulf@quillandmouse.com> > > > > On Monday, January 29th, 2024 at 7:57 AM, Paul M Foster > > paulf@quillandmouse.com wrote: > > > > > > Folks: > > > > > > > I have a new FreeBSD 14 install. I'd like to be able to do some > > > management on this machine (on my LAN) via SSH. I have a stock > > > /etc/ssh/sshd_config file, except for allowing root to login. I've > > > made that edit to the file, and restarted the SSH daemon via > > > /etc/rc.d/sshd restart. However, this machine still refuses SSH > > > connections, either from a regular user or root. What am I doing > > > wrong? > > If I recall correctly, password-based logins are disabled by default in > favour of key-based logins. You'll need to enable password-based logins > or (better) go with key-based logins. > I certainly hope this is not the case. I've been running Linux for 30 years, and am looking to transition to FreeBSD. If passwords are prohibited for SSH access, that would be a major reason for me not to pursue FreeBSD any further. FWIW, I disagree with the current fad of believing that passwords should be eliminated for everything. I believe passwords, properly implemented, are more than adequate for normal security. If you're trying to secure NSA servers or something, by all means eliminate passwords in favor of hardware keys or the like. In any case, this doesn't provide any actual methods for resolving the current problem. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20240129134722.fbwrvamdf2wx4vik>