- (djm) Improve PAMAuthenticationViaKbdInt text from Nalin Dahyabhai

<nalin@redhat.com>
author: Damien Miller <djm@mindrot.org> 2002-06-26 23:05:16 +1000
committer: Damien Miller <djm@mindrot.org> 2002-06-26 23:05:16 +1000
commit: 136d4418e3366bae92e5f1472a0251efc5e2804c (patch)
tree: cdaf95fc5285932004da8731efd3586c3d2b47fe /sshd_config.5
parent: f49035a0bbd87a89ded6f029f379f7d655135a66 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index 3e198dfa3..aa7b7c7d4 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -305,10 +305,6 @@ To disable keepalives, the value should be set to
 .It Cm KerberosAuthentication
 Specifies whether Kerberos authentication is allowed.
 This can be in the form of a Kerberos ticket, or if
-.It Cm PAMAuthenticationViaKbdInt
-Specifies whether PAM challenge response authentication is allowed. This
-allows the use of most PAM challenge response authentication modules, but
-it will allow password authentication regardless of whether
 .Cm PasswordAuthentication
 is yes, the password provided by the user will be validated through
 the Kerberos KDC.
@@ -425,6 +421,12 @@ The probability increases linearly and all connection attempts
 are refused if the number of unauthenticated connections reaches
 .Dq full
 (60).
+.It Cm PAMAuthenticationViaKbdInt
+Specifies whether PAM challenge response authentication is allowed. This
+allows the use of most PAM challenge response authentication modules, but
+it will allow password authentication regardless of whether
+.Cm PasswordAuthentication
+is enabled.
 .It Cm PasswordAuthentication
 Specifies whether password authentication is allowed.
 The default is
author	Damien Miller <djm@mindrot.org>	2002-06-26 23:05:16 +1000
committer	Damien Miller <djm@mindrot.org>	2002-06-26 23:05:16 +1000
commit	136d4418e3366bae92e5f1472a0251efc5e2804c (patch)
tree	cdaf95fc5285932004da8731efd3586c3d2b47fe /sshd_config.5
parent	f49035a0bbd87a89ded6f029f379f7d655135a66 (diff)

diff --git a/sshd_config.5 b/sshd_config.5 index 3e198dfa3..aa7b7c7d4 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -305,10 +305,6 @@ To disable keepalives, the value should be set to
305	.It Cm KerberosAuthentication	305	.It Cm KerberosAuthentication
306	Specifies whether Kerberos authentication is allowed.	306	Specifies whether Kerberos authentication is allowed.
307	This can be in the form of a Kerberos ticket, or if	307	This can be in the form of a Kerberos ticket, or if
308	.It Cm PAMAuthenticationViaKbdInt
309	Specifies whether PAM challenge response authentication is allowed. This
310	allows the use of most PAM challenge response authentication modules, but
311	it will allow password authentication regardless of whether
312	.Cm PasswordAuthentication	308	.Cm PasswordAuthentication
313	is yes, the password provided by the user will be validated through	309	is yes, the password provided by the user will be validated through
314	the Kerberos KDC.	310	the Kerberos KDC.
@@ -425,6 +421,12 @@ The probability increases linearly and all connection attempts
425	are refused if the number of unauthenticated connections reaches	421	are refused if the number of unauthenticated connections reaches
426	.Dq full	422	.Dq full
427	(60).	423	(60).
		424	.It Cm PAMAuthenticationViaKbdInt
		425	Specifies whether PAM challenge response authentication is allowed. This
		426	allows the use of most PAM challenge response authentication modules, but
		427	it will allow password authentication regardless of whether
		428	.Cm PasswordAuthentication
		429	is enabled.
428	.It Cm PasswordAuthentication	430	.It Cm PasswordAuthentication
429	Specifies whether password authentication is allowed.	431	Specifies whether password authentication is allowed.
430	The default is	432	The default is