On 2017/10/13 12:57, Walter Alejandro Iglesias wrote: > In sshd_config(5), to avoid confusion with PermitRootLogin options. > > Original: > > If this option is set to *prohibit-password* or *without-password*, > password and keyboard-interactive authentication are disabled for > root. > > Proposed: > > If this option is set to *prohibit-password* (renamed from > *without-password* to avoid ambiguity, both valid) only non > keyboard-interactive authentication (public-key, hostbased and GSSAPI) > is allowed for root.
How about a briefer alternative that points people towards the more self-explanatory option keyword? Index: sshd_config.5 =================================================================== RCS file: /cvs/src/usr.bin/ssh/sshd_config.5,v retrieving revision 1.254 diff -u -p -r1.254 sshd_config.5 --- sshd_config.5 9 Oct 2017 20:12:51 -0000 1.254 +++ sshd_config.5 13 Oct 2017 12:59:14 -0000 @@ -1198,10 +1198,11 @@ The default is .Cm prohibit-password . .Pp If this option is set to -.Cm prohibit-password -or -.Cm without-password , +.Cm prohibit-password , password and keyboard-interactive authentication are disabled for root. +.Cm without-password +is a deprecated alias for +.Cm prohibit-password . .Pp If this option is set to .Cm forced-commands-only ,
