[Bug 263045] sshd password configuration options are unclear

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 18 May 2022 15:43:36 UTC

--- Comment #9 from Ed Maste <emaste@freebsd.org> ---
Some more details:

PasswordAuthentication is handled by auth2-passwd.c and auth-passwd.c, and
auth-pam.c, which uses sshpam_auth_passwd() if UsePAM is true, else it uses
crypt(3) and compares against the passwd entry. In effect, sshd requests a user
name and a password, and then passes them to pam or checks the password itself.
The PasswordAuthentication scheme is described in RFC 4252.

KbdInteractiveAuthentication is handled by auth2-kbdint.c, auth2-chall.c, and
auth-pam.c. In this case sshpam_thread() calls pam_authenticate(), and the
authentication is driven by pam, not by sshd. This scheme is described in RFC
4256, Generic Message Exchange Authentication for the Secure Shell Protocol."

You are receiving this mail because:
You are the assignee for the bug.