Not allowing SSH logins without a public key?
Giorgos Keramidas
keramida at ceid.upatras.gr
Tue Sep 13 15:07:55 PDT 2005
On 2005-09-13 23:27, Joachim Dagerot <jd at dagerot.com> wrote:
> I have created a public/private key set with putty and managed to add
> the public key to my .ssh directory. I have also verified that it
> works as desired.
>
> I'm not too confident in configuring the SSHD so some help is much
> appreciated.
>
> I would like to not allow a ssh connection to the server for users
> that hasn't provided a public key.
You can explicitly allow (or disallow) authentication methods by editing
your ``/etc/ssh/sshd_config'' file. For details, please refer to
sshd_config(5):
% man sshd_config
Some of the relevant options in the unmodified sshd_config I have here
are the following:
#RSAAuthentication yes
#PubkeyAuthentication yes
#RhostsRSAAuthentication no
#HostbasedAuthentication no
#PasswordAuthentication no
#ChallengeResponseAuthentication yes
#KerberosAuthentication no
#GSSAPIAuthentication no
In general, the options whose name contains ``Authentication'' are
authentication methods, and you can enable or disable each one separately.
More information about the freebsd-questions
mailing list