similar to: [Bug 1474] New: Password authentication should be configurable per-user

http://bugzilla.mindrot.org/show_bug.cgi?id=1266 Summary: incompatibility between s/key and keys Autentification Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org

I'm running OpenSSH 3.4 and have the situation that some users want to allow password authentication into their accounts and some explicitly want to disallow password authentication. Is this possible? I wasn't able to come up with a way looking through ssh_config and sshd_config, as well as some FAQs. It seems the problem is that there is no scoping of directives in sshd_config, thus

https://bugzilla.mindrot.org/show_bug.cgi?id=3736 Bug ID: 3736 Summary: sshd falls back to password prompt after PAM module returns a PAM_MAXTRIES. Product: Portable OpenSSH Version: 9.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

http://bugzilla.mindrot.org/show_bug.cgi?id=1180 Summary: Add finer-grained controls to sshd Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dtucker at

http://bugzilla.mindrot.org/show_bug.cgi?id=843 Summary: sshd_config.5: add warning to PasswordAuthentication Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: openssh-bugs at mindrot.org

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

https://bugzilla.mindrot.org/show_bug.cgi?id=1410 Summary: Correct UsePAM comment in sshd_config on Mac OS X Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Mac OS X Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1468 Summary: sshd does not log failed attempts using key-based authentication only Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: security Priority: P2

Hi , I have two problems when i went through a) the man page of sshd_config and b) the comments quoted in sshd_config file itself. They are given below. a) >From the man page of sshd_config: "If UsePAM is enabled, you will not be able to run sshd(8) as a non-privileged user." I changed the permission of the hostkeys to a non-privileged user and tried to run sshd alongwith

Hello everyone, We are setting up a server at work, and we have run into something that I am not sure how to resolve. We have set up sshd (OpenSSH server) on the machine. We have placed ssh keys into each user's home directory that needs to access the system (and they work). We want to disable everyone from logging in, using a password, utilizing ssh keys only to access the system. I have

http://bugzilla.mindrot.org/show_bug.cgi?id=1326 Summary: Allow non-public-key credentials in authorized_keys file (Kerberos, etc.) Product: Portable OpenSSH Version: 4.4p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Kerberos support

Hello list, on a CentOS 6.4 machine I'm creating accounts with empty passwords. Each user's public key is located in <user's home>/.ssh/authorized_keys. When trying to ssh into that machine, following error message is displayed: Permission denied (publickey). In /etc/ssh/sshd_config I've set: PasswordAuthentication no UsePAM no If I set a password for the users, the

https://bugzilla.mindrot.org/show_bug.cgi?id=3658 Bug ID: 3658 Summary: Wrong comment in /etc/ssh/sshd_config Product: Portable OpenSSH Version: 9.6p1 Hardware: Other OS: Illumos Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

I compiled 2.5.1p1 on solaris and linux with PAM support and produced the same problem. If I set sshd_config to not allow password authentication( PasswordAuthentication no ) and restart sshd. I then ssh in with password authentication in ssh protocol version 2. $ ssh -v -2 jenn at billsnet.com OpenSSH_2.5.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f debug: Reading configuration data

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hi Nolan, The default sshd configuration file is often distribution-dependant. It means that even if upstream changed it, the result would not always be propaged in the distrib packages. > > Hello SSH developers, > > I spent about 2 hours today trying to track down why disabling passwords > wasn't working on my Linux <Ubuntu> machine. I would like to propose the >

http://bugzilla.mindrot.org/show_bug.cgi?id=738 ------- Additional Comments From dtucker at zip.com.au 2003-11-19 23:47 ------- >From the description: "TO SUMMARIZE: I have problems WHEN: I log in via SSH to the non-master NIS+ server with a non-local account (NIS+ account) with a Windows client via 'Password' authentication." As of 3.7p1, PasswordAuthentication does

Hello List. ? i?m trying to setup a limited SSH server with SFTP. The requirements: -????????? There are users to whom only SFTP should be available. (sftp-only group) -????????? There are users to whom SFTP and shell access should be available (admin group) -????????? SFTP clients have to authenticate with username and password -????????? shell users have to authenticate with private key.

Hello, We'd like to allow passwords only from the local network, and allow public key auth from on-campus or off-campus. The server runs SuSE Linux, and we might do the same on RHEL/CentOS & Mac OS X if we can get it to work. Unfortunately, Match allows PasswordAuthentication but not ChallengeResponseAuthentication. Is there any reason ChallengeResponseAuthentication cannot be

Hi, I have an auth module for PAM that I wrote a few years ago called pam_vsd.so. The idea is that a user must have a certain privilege before they can successfully authenticate. Without the privilege the PAM module will return PAM_PERM_DENIED. However I find that in OpenSSH 3.7.1p2, I can easily subvert this check simply by hitting return 3 times on connection i.e. [nick at localhost