diff options
author | Damien Miller <djm@mindrot.org> | 2003-05-14 15:11:48 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-05-14 15:11:48 +1000 |
commit | 4e448a31ae12e6f84caa7cdfc8b4c23db92459db (patch) | |
tree | 8f4c0885c8c91456b4d27d7f405e9125b83491a4 /sshd_config.5 | |
parent | 9c617693c2250c62e5e326372bc783e3416a94b0 (diff) |
- (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 31ef3996d..1278cb61f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -422,12 +422,15 @@ The probability increases linearly and all connection attempts | |||
422 | are refused if the number of unauthenticated connections reaches | 422 | are refused if the number of unauthenticated connections reaches |
423 | .Dq full | 423 | .Dq full |
424 | (60). | 424 | (60). |
425 | .It Cm PAMAuthenticationViaKbdInt | 425 | |
426 | Specifies whether PAM challenge response authentication is allowed. This | 426 | .It Cm UsePAM |
427 | allows the use of most PAM challenge response authentication modules, but | 427 | Enables PAM authentication (via challenge-response) and session set up. |
428 | it will allow password authentication regardless of whether | 428 | If you enable this, you should probably disable |
429 | .Cm PasswordAuthentication | 429 | .Cm PasswordAuthentication . |
430 | is enabled. | 430 | If you enable |
431 | .CM UsePAM | ||
432 | then you will not be able to run sshd as a non-root user. | ||
433 | |||
431 | .It Cm PasswordAuthentication | 434 | .It Cm PasswordAuthentication |
432 | Specifies whether password authentication is allowed. | 435 | Specifies whether password authentication is allowed. |
433 | The default is | 436 | The default is |