diff options
author | Darren Tucker <dtucker@zip.com.au> | 2006-02-23 21:35:30 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2006-02-23 21:35:30 +1100 |
commit | a4904f7bf19fb091b9fcf8059dedd5c5198fc039 (patch) | |
tree | 384681017d1879a14619dabf375b265bf6084f7c /sshd_config | |
parent | 94413cf32ba932537ef215b07eb1833e297fcae5 (diff) | |
download | openssh-git-a4904f7bf19fb091b9fcf8059dedd5c5198fc039.tar.gz |
- (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
reality. Pointed out by tryponraj at gmail.com.
Diffstat (limited to 'sshd_config')
-rw-r--r-- | sshd_config | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/sshd_config b/sshd_config index 4957dd1a..57f9a17b 100644 --- a/sshd_config +++ b/sshd_config @@ -71,12 +71,13 @@ # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication mechanism. -# Depending on your PAM configuration, this may bypass the setting of -# PasswordAuthentication, PermitEmptyPasswords, and -# "PermitRootLogin without-password". If you just want the PAM account and -# session checks to run without PAM authentication, then enable this but set -# ChallengeResponseAuthentication=no +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. #UsePAM no #AllowTcpForwarding yes |