sshd - public key vs keyboard interactive authentication

Chris Hodgins chodgins at cis.strath.ac.uk
Sun Mar 6 17:53:26 PST 2005


Jeff With wrote:
>>So, my questions:
>>
>>1. How do I disable password authentication - i.e. force to use the DSA keys?
> 
> 
> Make sure all 'password' auth is disabled and publickey is enabled.  
> 
> <sshd_config>
> 
> PasswordAuthentication no
> UseLogin no
> UsePAM no 
> PubkeyAuthentication yes
> 
> 
>>2. Can I use both for added security - i.e.  using the keys and then
>>get prompted for password?
> 
> 
> There was some work stared on this type of thing last year, but I
> don't think it was every finalized...
> 
> http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=108552250117169&w=2
> 
> - jw

You can add a passphrase to your key using ssh-keygen.  If you use a 
password you get something like this when you login.

chris at laptop:/usr/home/chris$ ssh myserver.net
Enter passphrase for key '/home/chris/.ssh/id_dsa':

Chris


More information about the freebsd-questions mailing list