diff options
| author | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
| commit | 701d0514ee3ffc5e8fde36bb0559709490407053 (patch) | |
| tree | 1b1273c29359991916c0687ccd4471d78c5e39eb /sshd_config | |
| parent | 991d95f4125ca1ce40bb7d469b69b1e174b78967 (diff) | |
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
ok dtucker@
Diffstat (limited to 'sshd_config')
| -rw-r--r-- | sshd_config | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/sshd_config b/sshd_config index b45c8c561..2b8d9f695 100644 --- a/sshd_config +++ b/sshd_config | |||
| @@ -67,9 +67,14 @@ | |||
| 67 | #GSSAPIAuthentication no | 67 | #GSSAPIAuthentication no |
| 68 | #GSSAPICleanupCredentials yes | 68 | #GSSAPICleanupCredentials yes |
| 69 | 69 | ||
| 70 | # Set this to 'yes' to enable PAM authentication (via challenge-response) | 70 | # Set this to 'yes' to enable PAM authentication, account processing, |
| 71 | # and session processing. Depending on your PAM configuration, this may | 71 | # and session processing. If this is enabled, PAM authentication will |
| 72 | # bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords' | 72 | # be allowed through the ChallengeResponseAuthentication mechanism. |
| 73 | # Depending on your PAM configuration, this may bypass the setting of | ||
| 74 | # PasswordAuthentication, PermitEmptyPasswords, and | ||
| 75 | # "PermitRootLogin without-password". If you just want the PAM account and | ||
| 76 | # session checks to run without PAM authentication, then enable this but set | ||
| 77 | # ChallengeResponseAuthentication=no | ||
| 73 | #UsePAM no | 78 | #UsePAM no |
| 74 | 79 | ||
| 75 | #AllowTcpForwarding yes | 80 | #AllowTcpForwarding yes |