X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Thorsten Kampe <thorsten AT thorstenkampe DOT de>
Subject:  Re: sshd: public key working, but can't get passwords working
Date:  Tue, 31 Jul 2007 08:54:31 +0100
Lines: 35
Message-ID: <f8mpro$8eh$1@sea.gmane.org>
References:  <p06240802c2d24b662020@[192.168.1.8]> <f8ite8$at$1 AT sea DOT gmane DOT org> <p06240801c2d2ab3c9626@[192.168.1.8]> <f8j7aq$qja$1 AT sea DOT gmane DOT org> <p06240802c2d2de2f403a@[192.168.1.8]> <f8jbjd$4uc$1 AT sea DOT gmane DOT org> <p06240804c2d3961da325@[192.168.1.8]> <46ADE970 DOT 7010000 AT Hipp DOT com> <f8kte2$b8b$1 AT sea DOT gmane DOT org> <46AE3E1A DOT 1000807 AT Hipp DOT com>
Mime-Version:  1.0
Content-Type:  text/plain; charset="utf-8"
Content-Transfer-Encoding:  8bit
User-Agent: MicroPlanet-Gravity/2.70.2067
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

* Michael Hipp (Mon, 30 Jul 2007 14:38:02 -0500)
> Thorsten Kampe wrote:
> > * Michael Hipp (Mon, 30 Jul 2007 08:36:48 -0500)
> >> Daniel Griscom wrote:
> >>> At 7:32 PM -0500 7/29/07, René Berber wrote:
> >>>> Back to the original problem: did you use ssh-user-config?  (I guess 
> >>>> What you reported about the log is simple, the password used is not 
> >>>> correct...
> >>>> it should prompt you 3 times and then close the connection; or the 
> >>>> configuration
> >>>> does not allow password authentication, let's check this last one:
> >>>>
> >>>> In /etc/sshd_config you should have:
> >>>>
> >>>> #PasswordAuthentication yes
> >>>> #PermitEmptyPasswords no
> >>>> #UsePAM no
> >>> All three lines are present and commented out (as above).
> >> I thought you were trying to use public/private key authentication, not 
> >> password authentication?
> >>
> >> If so, then the first line above needs to be uncommented and changed to 
> >> 'no'.
> > 
> > No, password authentication and public are not mutually exlusive. The 
> > default is fine.
> 
> I didn't say they were. But since he's trying to use public/private key 
> authentication then he probably wouldn't want password authentication 
> available as an attack vector.

Okay, understood. I was under the impression that you were suggesting 
that password authentication has to be turned off to have public key 
authentication work. You just meant it is advisable to turn it off if 
you want public key authentication. D'accord.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/