diff options
author | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2004-05-23 11:47:58 +1000 |
commit | 701d0514ee3ffc5e8fde36bb0559709490407053 (patch) | |
tree | 1b1273c29359991916c0687ccd4471d78c5e39eb /sshd_config | |
parent | 991d95f4125ca1ce40bb7d469b69b1e174b78967 (diff) |
- (djm) Explain consequences of UsePAM=yes a little better in sshd_config;
ok dtucker@
Diffstat (limited to 'sshd_config')
-rw-r--r-- | sshd_config | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/sshd_config b/sshd_config index b45c8c561..2b8d9f695 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -67,9 +67,14 @@ | |||
67 | #GSSAPIAuthentication no | 67 | #GSSAPIAuthentication no |
68 | #GSSAPICleanupCredentials yes | 68 | #GSSAPICleanupCredentials yes |
69 | 69 | ||
70 | # Set this to 'yes' to enable PAM authentication (via challenge-response) | 70 | # Set this to 'yes' to enable PAM authentication, account processing, |
71 | # and session processing. Depending on your PAM configuration, this may | 71 | # and session processing. If this is enabled, PAM authentication will |
72 | # bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords' | 72 | # be allowed through the ChallengeResponseAuthentication mechanism. |
73 | # Depending on your PAM configuration, this may bypass the setting of | ||
74 | # PasswordAuthentication, PermitEmptyPasswords, and | ||
75 | # "PermitRootLogin without-password". If you just want the PAM account and | ||
76 | # session checks to run without PAM authentication, then enable this but set | ||
77 | # ChallengeResponseAuthentication=no | ||
73 | #UsePAM no | 78 | #UsePAM no |
74 | 79 | ||
75 | #AllowTcpForwarding yes | 80 | #AllowTcpForwarding yes |