mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-27 15:45:21 +00:00
sshd_config: clarify password authentication options
Passwords may be accepted by both the PasswordAuthentication and KbdInteractiveAuthentication authentication schemes. Add a reference to the latter in the description/comment for PasswordAuthentication, as it otherwise may seem that "PasswordAuthentication no" implies passwords will be disallowed. This situation should be clarified with more extensive documentation on the authentication schemes and configuration options, but that should be done in coordination with upstream OpenSSH. This is a minimal change that will hopefully clarify the situation without requiring an extensive local patch set. PR: 263045 Reviewed by: manu (earlier version) MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D35272
This commit is contained in:
parent
57317c8971
commit
9f009e066f
@ -57,6 +57,7 @@ AuthorizedKeysFile .ssh/authorized_keys
|
||||
#IgnoreRhosts yes
|
||||
|
||||
# Change to yes to enable built-in password authentication.
|
||||
# Note that passwords may also be accepted via KbdInteractiveAuthentication.
|
||||
#PasswordAuthentication no
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
|
@ -1278,6 +1278,8 @@ The default is
|
||||
.Pa /etc/moduli .
|
||||
.It Cm PasswordAuthentication
|
||||
Specifies whether password authentication is allowed.
|
||||
Note that passwords may also be accepted via
|
||||
.Cm KbdInteractiveAuthentication .
|
||||
See also
|
||||
.Cm UsePAM .
|
||||
The default is
|
||||
|
Loading…
Reference in New Issue
Block a user