sshd: public key working, but can't get passwords working

Michael Hipp
Mon Jul 30 19:37:00 GMT 2007

Thorsten Kampe wrote:
> * Michael Hipp (Mon, 30 Jul 2007 08:36:48 -0500)
>> Daniel Griscom wrote:
>>> At 7:32 PM -0500 7/29/07, René Berber wrote:
>>>> Back to the original problem: did you use ssh-user-config?  (I guess 
>>>> What you reported about the log is simple, the password used is not 
>>>> correct...
>>>> it should prompt you 3 times and then close the connection; or the 
>>>> configuration
>>>> does not allow password authentication, let's check this last one:
>>>> In /etc/sshd_config you should have:
>>>> #PasswordAuthentication yes
>>>> #PermitEmptyPasswords no
>>>> #UsePAM no
>>> All three lines are present and commented out (as above).
>> I thought you were trying to use public/private key authentication, not 
>> password authentication?
>> If so, then the first line above needs to be uncommented and changed to 
>> 'no'.
> No, password authentication and public are not mutually exlusive. The 
> default is fine.

I didn't say they were. But since he's trying to use public/private key 
authentication then he probably wouldn't want password authentication 
available as an attack vector. Check your auth logs sometime and notice 
how common are attacks against port 22 using dictionaries and common 
account names.


Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list