Why does SSH prompt for 2 passwords?
Willie Viljoen
will at unfoldings.net
Fri Apr 18 06:02:49 PDT 2003
On Friday 18 April 2003 0:48, someone, possibly Joe Lewis, typed:
> Password:
> Response:
> joe at 192.168.1.1's password:
The first prompt is PAM challenge response authentication. This uses the PAM
system instead of a just a flat read of /etc/master.passwd to authenticate,
and is also more secure than standard plaintext authentication.
Unless your sshd is misconfigured, your configuration files and binaries are
out of sync (this happend when a system is upgraded without doing
mergemaster), this should not be happening, and you should be able to log
in at the first prompt. It might also be that the ssh client you are using
does not handle challenge response authentication properly.
If you are happy with standard plaintext configuration, you may edit
/etc/ssh/sshd_config and change the setting to this:
# Change to no to disable PAM authentication
ChallengeResponseAuthentication no
I'd recommend you rather get PAM fixed though, or use public key
authentication instead, that's much more secure than any form of password
authentication.
Will
--
Willie Viljoen
Freelance IT Consultant
214 Paul Kruger Avenue, Universitas
Bloemfontein
9321
South Africa
+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)
will at unfoldings.net
More information about the freebsd-questions
mailing list