Re: SSH root login with keys only

2010-04-05 Thread Marcin Wisnicki
On Mon, 05 Apr 2010 12:38:01 -0500, Peggy Wilkins wrote: > On Mon, Apr 5, 2010 at 4:17 AM, Vincent Hoffman > wrote: >> >> However a note later in the default sshd_config file regarding the >> UsePAM setting says >> 'Depending on your PAM configuration, >>  PAM authentication via ChallengeResponse

Re: SSH root login with keys only

2010-04-05 Thread Peggy Wilkins
On Mon, Apr 5, 2010 at 4:17 AM, Vincent Hoffman wrote: > I missed the rest of this thread so sorry its its been said already. As > far as I knew the directive > PermitRootLogin without-password > in /etc/ssh/sshd_config > should accomplish what was requested. > > However a note later in the defau

Re: SSH root login with keys only

2010-04-05 Thread Modulok
You should also consider posting your patch and related content to, 'freebsd-hack...@freebsd.org'. -Modulok- On 4/5/10, Marcin Wisnicki wrote: > On Mon, 05 Apr 2010 10:01:08 +0100, Matthew Seaman wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> On 04/04/2010 22:04:35, Marcin W

Re: SSH root login with keys only

2010-04-05 Thread Marcin Wisnicki
On Mon, 05 Apr 2010 10:01:08 +0100, Matthew Seaman wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 04/04/2010 22:04:35, Marcin Wisnicki wrote: >> Is it possible to configure sshd such that both conditions are met: >> >> 1. Root will be able to login only by using keys 2. Normal u

Re: SSH root login with keys only

2010-04-05 Thread Vincent Hoffman
On 05/04/2010 10:17, Vincent Hoffman wrote: > On 05/04/2010 10:01, Matthew Seaman wrote: > >> On 04/04/2010 22:04:35, Marcin Wisnicki wrote: >> >>> Is it possible to configure sshd such that both conditions are met: >>> >> >>> 1. Root will be able to login only by using keys >>>

Re: SSH root login with keys only

2010-04-05 Thread Vincent Hoffman
On 05/04/2010 10:01, Matthew Seaman wrote: > On 04/04/2010 22:04:35, Marcin Wisnicki wrote: > > Is it possible to configure sshd such that both conditions are met: > > > 1. Root will be able to login only by using keys > > 2. Normal users will still be able to use pam/keyboard-interactive > > Only

Re: SSH root login with keys only

2010-04-05 Thread Matthew Seaman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/04/2010 22:04:35, Marcin Wisnicki wrote: > Is it possible to configure sshd such that both conditions are met: > > 1. Root will be able to login only by using keys > 2. Normal users will still be able to use pam/keyboard-interactive Only by run

Re: SSH root login with keys only

2010-04-04 Thread Erik Norgaard
On 05/04/10 01:35, Marcin Wisnicki wrote: PasswordAuthentication is already disabled (by default). I need to disable ChallengeResponseAuthentication however: /etc/ssh/sshd_config line 131: Directive 'ChallengeResponseAuthentication' is not allowed within a Match block Same thing for "Use

Re: SSH root login with keys only

2010-04-04 Thread Marcin Wisnicki
On Sun, 04 Apr 2010 23:49:59 +0200, Julian Fagir wrote: > Hi, > >> Is it possible to configure sshd such that both conditions are met: >> >> 1. Root will be able to login only by using keys 2. Normal users will >> still be able to use pam/keyboard-interactive > > perhaps the sshd-option "Permit

Re: SSH root login with keys only

2010-04-04 Thread Marcin Wisnicki
On Mon, 05 Apr 2010 01:25:09 +0200, Erik Norgaard wrote: > On 04/04/10 23:04, Marcin Wisnicki wrote: >> Is it possible to configure sshd such that both conditions are met: >> >> 1. Root will be able to login only by using keys 2. Normal users will >> still be able to use pam/keyboard-interactive >

Re: SSH root login with keys only

2010-04-04 Thread Craig Butler
On 04/04/2010 22:04, Marcin Wisnicki wrote: Is it possible to configure sshd such that both conditions are met: 1. Root will be able to login only by using keys Yes 2. Normal users will still be able to use pam/keyboard-interactive Yes see PermitRootLogin section in man sshd_config..

Re: SSH root login with keys only

2010-04-04 Thread Erik Norgaard
On 04/04/10 23:04, Marcin Wisnicki wrote: Is it possible to configure sshd such that both conditions are met: 1. Root will be able to login only by using keys 2. Normal users will still be able to use pam/keyboard-interactive Yes, you can create a Match block with the criteria User, something

Re: SSH root login with keys only

2010-04-04 Thread krad
On 4 April 2010 22:49, Julian Fagir wrote: > Hi, > > > Is it possible to configure sshd such that both conditions are met: > > > > 1. Root will be able to login only by using keys > > 2. Normal users will still be able to use pam/keyboard-interactive > > perhaps the sshd-option "PermitRootLogin"

Re: SSH root login with keys only

2010-04-04 Thread Julian Fagir
Hi, > Is it possible to configure sshd such that both conditions are met: > > 1. Root will be able to login only by using keys > 2. Normal users will still be able to use pam/keyboard-interactive perhaps the sshd-option "PermitRootLogin" does match your requirements. To be found in sshd_config (

SSH root login with keys only

2010-04-04 Thread Marcin Wisnicki
Is it possible to configure sshd such that both conditions are met: 1. Root will be able to login only by using keys 2. Normal users will still be able to use pam/keyboard-interactive ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.o