On 4/24/05, Ludovic Rousseau <[EMAIL PROTECTED]> wrote: > Hello, <snip>
Hello, ummm, are they the same? I don't think so. What happens if you do this: PasswordAuthentication yes UsePAM no instead of > PasswordAuthentication no > UsePAM no > then passwords are effectively disabled. I'm guessing that sshd will work by checking your password, by itself, from /etc/passwd. But most of us with other systems for authentication, say pam_mysql, pam_ldap, just to name a few. Those won't be able to login to the system. So, these two options are related, but they are not the same. However, I'm with you in that a Note should exist in the Debian README file saying that pam_unix in /etc/pam.d/ssh with authenticate against /etc/passwd also. So, if you want to disable password authentication completely, you must set UsePAM to no, as well as the older method of authentication. For some reason this sounds to me like an obvious thing to know (especially by experienced sysadmins). However, I see your point. -- ----)(----- Luis M System Administrator Kiskeyix.org "We think basically you watch television to turn your brain off, and you work on your computer when you want to turn your brain on" -- Steve Jobs in an interview for MacWorld Magazine 2004-Feb No .doc: http://www.fsf.org/philosophy/no-word-attachments.es.html
