SSH root login with keys only
Erik Norgaard
norgaard at locolomo.org
Sun Apr 4 23:25:12 UTC 2010
On 04/04/10 23:04, Marcin Wisnicki wrote:
> Is it possible to configure sshd such that both conditions are met:
>
> 1. Root will be able to login only by using keys
> 2. Normal users will still be able to use pam/keyboard-interactive
Yes, you can create a Match block with the criteria User, something like
this I guess will work (haven't tested):
PermitRootLogin yes
Match User root
PasswordAuthentication no
check the man page. You might also want to restrict from where root can
login with another match block.
I assume that you have decided root login is acceptable with the
increased security of key authentication. Just beware that the key must
be password protected.
BR, Erik
--
Erik Nørgaard
Ph: +34.666334818/+34.915211157 http://www.locolomo.org
More information about the freebsd-questions
mailing list