On Tue, Jun 05, 2001 at 03:44:28PM -0700, Karsten M. Self wrote: > > I don't know that it's possible to disable password authentication, or
PasswordAuthentication no
or if you want to do it on a user by user basis add:
auth required pam_listfile.so item=user sense=deny \
file=/etc/ssh/ssh_rsa_only onerr=succeed
to /etc/pam.d/ssh
then add users who should not be allowed to authenticate via passwords
to /etc/ssh/ssh_rsa_only
> to require passphrase authentication (unsecured RSA keys *are* a
> security threat).
no way to prevent that, the passphrase is only known to the client,
and the client program is what takes care of asking it and decrypting
the private key. there is no way for the server to know much less
enforce passphrase rules on RSA/DSA keys.
--
Ethan Benson
http://www.alaska.net/~erbenson/
pgpLgzRFjWCpD.pgp
Description: PGP signature
