Disabling password login for ssh
807559Jan 23 2009 — edited Jan 23 2009I want to harden my system (single Solaris 10 x86 box) by disabling password logins with ssh (ssh is the only way in from the outisde.) It looked to be straightforward in the sshd_config file by changing PasswordAuthentication to no. Not so. A little further down the sshd_config is a bit about PAM:
# Use PAM via keyboard interactive method for authentication.
# Depending on the setup of pam.conf(4) this may allow tunneled clear text
# passwords even when PasswordAuthentication is set to no. This is dependent
# on what the individual modules request and is out of the control of sshd
# or the protocol.
PAMAuthenticationViaKBDInt yes
I tried setting that to no and restarting ssh but could not login at all using keypairs or password. I think my conncetion was refused when I did that.
My pam.conf is bone stock and I've never had the pleasure of configuring PAM. What do I need to do to make it so that the only way to login via ssh is using a keypair?
Edited by: 4mula1 on Jan 23, 2009 5:48 PM