[Bug 263045] sshd allows password logins when "PasswordAuthentication no" is set
Date: Tue, 05 Apr 2022 13:09:34 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263045 --- Comment #4 from email@example.com --- (In reply to Marek Zarychta from comment #3) As I said in my original post, "Setting "PasswordAuthentication no" in /etc/ssh/sshd_config does not disable a password logins. To accomplish that, "KbdInteractiveAuthentication no" must be set ("yes" is the default).". So the answer to your question "Can't you disable password authentication in 13.1-RC1?" is yes, I can. The answer to your question "What's the real problem here?" is that "PasswordAuthentication" with a default setting of "no" says pretty explicitly that password authentication is off by default. Except it isn't. You also have to disable KbdInteractiveAuthentication. And, as I've also already pointed out, FreeBSD relative DragonFlyBSD does the sensible thing here -- "PasswordAuthentication no" means "PasswordAuthentication no". -- You are receiving this mail because: You are the assignee for the bug.