Created
April 10, 2021 06:00
-
-
Save epixoip/7d354445618cd1f9be3c0f28ae5b6818 to your computer and use it in GitHub Desktop.
ssh pubkey auth only with libpam
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- /etc/ssh/sshd_config.orig 2021-04-10 05:50:44.673514864 +0000 | |
| +++ /etc/ssh/sshd_config 2021-04-10 05:59:56.316912290 +0000 | |
| @@ -31,7 +31,7 @@ | |
| # Authentication: | |
| #LoginGraceTime 2m | |
| -#PermitRootLogin prohibit-password | |
| +PermitRootLogin prohibit-password | |
| #StrictModes yes | |
| #MaxAuthTries 6 | |
| #MaxSessions 10 | |
| @@ -55,12 +55,13 @@ | |
| #IgnoreRhosts yes | |
| # To disable tunneled clear text passwords, change to no here! | |
| -#PasswordAuthentication yes | |
| +PasswordAuthentication no | |
| #PermitEmptyPasswords no | |
| +AuthenticationMethods publickey | |
| # Change to yes to enable challenge-response passwords (beware issues with | |
| # some PAM modules and threads) | |
| -ChallengeResponseAuthentication no | |
| +ChallengeResponseAuthentication yes | |
| # Kerberos options | |
| #KerberosAuthentication no | |
| @@ -121,4 +122,4 @@ | |
| # AllowTcpForwarding no | |
| # PermitTTY no | |
| # ForceCommand cvs server | |
| -PasswordAuthentication yes | |
| +PasswordAuthentication no |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment