sshd: public key working, but can't get passwords working
Michael Hipp
Michael@Hipp.com
Mon Jul 30 19:37:00 GMT 2007
Thorsten Kampe wrote:
> * Michael Hipp (Mon, 30 Jul 2007 08:36:48 -0500)
>> Daniel Griscom wrote:
>>> At 7:32 PM -0500 7/29/07, René Berber wrote:
>>>> Back to the original problem: did you use ssh-user-config? (I guess
>>>> What you reported about the log is simple, the password used is not
>>>> correct...
>>>> it should prompt you 3 times and then close the connection; or the
>>>> configuration
>>>> does not allow password authentication, let's check this last one:
>>>>
>>>> In /etc/sshd_config you should have:
>>>>
>>>> #PasswordAuthentication yes
>>>> #PermitEmptyPasswords no
>>>> #UsePAM no
>>> All three lines are present and commented out (as above).
>> I thought you were trying to use public/private key authentication, not
>> password authentication?
>>
>> If so, then the first line above needs to be uncommented and changed to
>> 'no'.
>
> No, password authentication and public are not mutually exlusive. The
> default is fine.
I didn't say they were. But since he's trying to use public/private key
authentication then he probably wouldn't want password authentication
available as an attack vector. Check your auth logs sometime and notice
how common are attacks against port 22 using dictionaries and common
account names.
Michael
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list