summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sshd_config6
-rw-r--r--sshd_config.56
2 files changed, 6 insertions, 6 deletions
diff --git a/sshd_config b/sshd_config
index 4b3011ec..c423eba1 100644
--- a/sshd_config
+++ b/sshd_config
@@ -72,13 +72,13 @@ AuthorizedKeysFile .ssh/authorized_keys
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
+# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
+# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
+# and KbdInteractiveAuthentication to 'no'.
#UsePAM no
#AllowAgentForwarding yes
diff --git a/sshd_config.5 b/sshd_config.5
index 07635932..faa0a0f3 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -1745,17 +1745,17 @@ Enables the Pluggable Authentication Module interface.
If set to
.Cm yes
this will enable PAM authentication using
-.Cm ChallengeResponseAuthentication
+.Cm KbdInteractiveAuthentication
and
.Cm PasswordAuthentication
in addition to PAM account and session module processing for all
authentication types.
.Pp
-Because PAM challenge-response authentication usually serves an equivalent
+Because PAM keyboard-interactive authentication usually serves an equivalent
role to password authentication, you should disable either
.Cm PasswordAuthentication
or
-.Cm ChallengeResponseAuthentication.
+.Cm KbdInteractiveAuthentication.
.Pp
If
.Cm UsePAM