Roy Harrison wrote:
> Thanks Brett.
>
> It's starting to make sense. I don't like that the first time anyone can
> log on if they have a unix password, but what you said that interests me is
> that once the server has the remote's key, I can then remove that key from
> the authorized key file and have some control over who comes back again. My
> question is, isn't this how they got on to start with...there was no key in
> the authorized file and SSH put it there automatically? or, am I as is
> typical missing something?
>
>
> Roy.
You can disable the ability to login with only a password as well as a pretty
flexible host.deny/allow setup as I recall.
Look in the sshd man page. It is really quite complete and does a pretty good job
of explaing the options.
To disable the use of password only athentication, look for the
passwordauthentication= yes in the /etc/ssh/sshd_config file and set it to no.
Hope this helps.
Bret
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
