diff options
| author | Damien Miller <djm@mindrot.org> | 2003-05-14 15:11:48 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2003-05-14 15:11:48 +1000 |
| commit | 4e448a31ae12e6f84caa7cdfc8b4c23db92459db (patch) | |
| tree | 8f4c0885c8c91456b4d27d7f405e9125b83491a4 /sshd_config.5 | |
| parent | 9c617693c2250c62e5e326372bc783e3416a94b0 (diff) | |
- (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
Diffstat (limited to 'sshd_config.5')
| -rw-r--r-- | sshd_config.5 | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 31ef3996d..1278cb61f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -422,12 +422,15 @@ The probability increases linearly and all connection attempts | |||
| 422 | are refused if the number of unauthenticated connections reaches | 422 | are refused if the number of unauthenticated connections reaches |
| 423 | .Dq full | 423 | .Dq full |
| 424 | (60). | 424 | (60). |
| 425 | .It Cm PAMAuthenticationViaKbdInt | 425 | |
| 426 | Specifies whether PAM challenge response authentication is allowed. This | 426 | .It Cm UsePAM |
| 427 | allows the use of most PAM challenge response authentication modules, but | 427 | Enables PAM authentication (via challenge-response) and session set up. |
| 428 | it will allow password authentication regardless of whether | 428 | If you enable this, you should probably disable |
| 429 | .Cm PasswordAuthentication | 429 | .Cm PasswordAuthentication . |
| 430 | is enabled. | 430 | If you enable |
| 431 | .CM UsePAM | ||
| 432 | then you will not be able to run sshd as a non-root user. | ||
| 433 | |||
| 431 | .It Cm PasswordAuthentication | 434 | .It Cm PasswordAuthentication |
| 432 | Specifies whether password authentication is allowed. | 435 | Specifies whether password authentication is allowed. |
| 433 | The default is | 436 | The default is |