Gentoo Archives: gentoo-security

From: Adrian CAPDEFIER <adriancapdefier@×××××××.ro>
To: gentoo-security@l.g.o
Subject: [gentoo-security] pam configuration for ssh
Date: Tue, 10 Aug 2004 06:44:49
1 Hello.
2 I'm trying to have my sshd use only key-based auth while still taking
3 advantages of the PAM modules.
4 My sshd_config is config quite right but pam modules overwrite some of
5 those settings that deny password login. How should I modify this file
7 neuro root # cat /etc/pam.d/sshd
9 auth required nullok
10 auth required
11 auth required
12 auth required
13 account required
14 password required difok=3 retry=3 minlen=8 \
15 dcredit=2 ocredit=2 use_authtok
16 password required shadow md5
17 session required
18 session required
20 I've shamelessy copied this from the gentoo security guide and, as it
21 was my understanding, it was supposed to deny password logins. Well it
22 doesn't. When I disable PAM in /etc/ssh/sshd_config, passwords are
23 disabled but as I said before I want to use PAM.
24 Some recommended reading on PAM would be nice, too :).
26 --
28 Adi
30 --
31 gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] pam configuration for ssh Paul de Vrieze <pauldv@g.o>