- (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current

   reality.  Pointed out by tryponraj at gmail.com.

1 files changed, 7 insertions, 6 deletions

diff --git a/sshd_config b/sshd_config
index 4957dd1a..57f9a17b 100644
--- a/sshd_config
+++ b/sshd_config
@@ -71,12 +71,13 @@
 
 # Set this to 'yes' to enable PAM authentication, account processing, 
 # and session processing. If this is enabled, PAM authentication will 
-# be allowed through the ChallengeResponseAuthentication mechanism. 
-# Depending on your PAM configuration, this may bypass the setting of 
-# PasswordAuthentication, PermitEmptyPasswords, and 
-# "PermitRootLogin without-password". If you just want the PAM account and 
-# session checks to run without PAM authentication, then enable this but set 
-# ChallengeResponseAuthentication=no
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
 #UsePAM no
 
 #AllowTcpForwarding yes