SSH root login with keys only
Marcin Wisnicki
mwisnicki+freebsd at gmail.com
Sun Apr 4 23:40:04 UTC 2010
On Sun, 04 Apr 2010 23:49:59 +0200, Julian Fagir wrote:
> Hi,
>
>> Is it possible to configure sshd such that both conditions are met:
>>
>> 1. Root will be able to login only by using keys 2. Normal users will
>> still be able to use pam/keyboard-interactive
>
> perhaps the sshd-option "PermitRootLogin" does match your requirements.
> To be found in sshd_config (5).
>
Unfortunately it doesn't. Assuming you mean 'without-password' option,
I would have to disable ChallengeResponseAuthentication for everyone
which I would like to avoid.
It is not possible to disable ChallengeResponseAuthentication inside
match block.
More information about the freebsd-questions
mailing list