Strange SFTP and PAM failure

Jaime Kikpole jkikpole at
Sun Sep 6 22:57:08 UTC 2015

I think I have an answer, but I don't know if it is a good idea or not.

When I asked, they eventually told me they're using Java 1.8 Update
51.  After weeks of wasted time, they escalated it to engineering.
(And I do mean "wasted."  It took three days for them to "pull the
logs" (their words) so that someone could review them.  Not 3 days to
review them.  Just to "pull the logs.")

Meanwhile, I've been tinkering and trying until I found that changing
"PasswordAuthentication" in /etc/sshd_config from the default of "no"
to "yes" will allow the PowerSchool system to make an SFTP connection
and successfully push the text file over the link.

So my question now becomes:  Is this a good idea?

The man page seems to say that I should set
ChallengeResponseAuthentication to "no" if PasswordAuthentication is
set to "yes".  Should I make that change?  Should I just disable PAM
within sshd?

I also freely admit that I don't have a deep understanding of PAM and
usually leave it on the default settings.  Perhaps I just have a silly
setting in PAM.

Any advice would be appreciated.  Thanks in advance!

Jaime Kikpole
Network Administrator
Cairo-Durham Central School District

Technical Support:
help at

This electronic message and any attachment(s) may contain confidential or 
legally privileged information protected by law from further disclosure and 
is intended only for the individual or entity identified above as the 
addressee. If you are not the addressee (or the employee or agency 
responsible to deliver it to the addressee), or if this message has been 
addressed to you in error, you are hereby notified that you may not copy, 
forward, disclose or use any part of this message or any attachment(s). 
Please notify the sender immediately by return email or telephone and 
permanently delete this message and attachment(s) from your system.

More information about the freebsd-questions mailing list