Can someone explain the 'PasswordAuthentication' in the /etc/ssh/sshd_config file?
Problem
On this page, the explanation given is: The option PasswordAuthentication specifies whether we should use password-based authentication. For strong security, this option must always be set to yes. But it fails to provide any use case scenarios that clarifies when a Yes or no would be appropriate. Can someone please elaborate further?
Unverified for your environment
Select your OS to check compatibility.
1 Fix
Fix for: Can someone explain the 'PasswordAuthentication' in the /etc/ssh/sshd_config file?
Please note that the PasswordAuthentication setting does not control ALL password-based authentication. ChallengeResponseAuthentication usually also asks for passwords. PasswordAuthentication controls support for the 'password' authentication scheme defined in RFC-4252 (section 8). ChallengeResponseAuthentication controls support for the 'keyboard-interactive' authentication scheme defined in RFC-4256. The 'keyboard-interactive' authentication scheme could, in theory, ask a user any number of m…
Awaiting Verification
Be the first to verify this fix
Sign in to verify this fix