RE: Disable SSH authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> # Disallow non-root logins when /etc/nologin exists.
I didn't have that line in my box and didn't bother to verify what '
pam_nologin.so' stands for.  Now I checked that /etc/nologin did not
exist in my box (that explains why it worked). 
-Sharath.
 
 

-----Original Message-----
From: Kosala Atapattu [mailto:kosala.atapattu@xxxxxxxxx] 
Sent: Thursday, October 16, 2008 11:12 AM
To: Sharath Ballal
Cc: Christian Grunfeld; chaoson; secureshell@xxxxxxxxxxxxxxxxx
Subject: Re: Disable SSH authentication

Hi Sharath,

On Thu, Oct 16, 2008 at 8:29 AM, Sharath Ballal
<Sharath.Ballal@xxxxxxxxxx> wrote:
> Kosala ,
>

BTW, I'm not the originator of the request... it's chaoson.

> You can still use SSH with PAM and skip both password and key
authentication by changing the following entry in /etc/pam.d/sshd file
and commenting other auth entries.
>
> auth            sufficient      pam_nologin.so          no_warn
>
> i.e. Change the pam_nologin.so to "sufficient" in the auth category
and comment all others in this category (I guess even commenting other
entries may not be required since we made it "sufficient" but it has to
be the first entry, you can try that out).


I see this in my Ubuntu box.

# Disallow non-root logins when /etc/nologin exists.
account    required     pam_nologin.so

The description gives a different definition to pam_nologin.so.

Kosala


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux