diff options
author | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
commit | 701d0514ee3ffc5e8fde36bb0559709490407053 (patch) | |
tree | 1b1273c29359991916c0687ccd4471d78c5e39eb | |
parent | 991d95f4125ca1ce40bb7d469b69b1e174b78967 (diff) |
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
ok dtucker@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sshd_config | 11 |
2 files changed, 13 insertions, 4 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20040523 | ||
2 | - (djm) Explain consequences of UsePAM=yes a little better in sshd_config; | ||
3 | ok dtucker@ | ||
4 | |||
1 | 20040513 | 5 | 20040513 |
2 | - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in | 6 | - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in |
3 | libresolv, fixes problems detecting it on some platforms | 7 | libresolv, fixes problems detecting it on some platforms |
@@ -1118,4 +1122,4 @@ | |||
1118 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1122 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1119 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1123 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1120 | 1124 | ||
1121 | $Id: ChangeLog,v 1.3355 2004/05/13 10:24:10 dtucker Exp $ | 1125 | $Id: ChangeLog,v 1.3356 2004/05/23 01:47:58 djm Exp $ |
diff --git a/sshd_config b/sshd_config index b45c8c561..2b8d9f695 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -67,9 +67,14 @@ | |||
67 | #GSSAPIAuthentication no | 67 | #GSSAPIAuthentication no |
68 | #GSSAPICleanupCredentials yes | 68 | #GSSAPICleanupCredentials yes |
69 | 69 | ||
70 | # Set this to 'yes' to enable PAM authentication (via challenge-response) | 70 | # Set this to 'yes' to enable PAM authentication, account processing, |
71 | # and session processing. Depending on your PAM configuration, this may | 71 | # and session processing. If this is enabled, PAM authentication will |
72 | # bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords' | 72 | # be allowed through the ChallengeResponseAuthentication mechanism. |
73 | # Depending on your PAM configuration, this may bypass the setting of | ||
74 | # PasswordAuthentication, PermitEmptyPasswords, and | ||
75 | # "PermitRootLogin without-password". If you just want the PAM account and | ||
76 | # session checks to run without PAM authentication, then enable this but set | ||
77 | # ChallengeResponseAuthentication=no | ||
73 | #UsePAM no | 78 | #UsePAM no |
74 | 79 | ||
75 | #AllowTcpForwarding yes | 80 | #AllowTcpForwarding yes |