[vox-tech] sshd_config and PasswordAuthentication

To: lugod's technical discussion forum <vox-tecMAPSh@lists.lugod.org>
Subject: [vox-tech] sshd_config and PasswordAuthentication
From: Jay Strauss <me@heyjay.MAPScom>
Date: Thu, 07 Jul 2005 08:57:30 -0500
Delivered-to: lugod@livepenguin.com
Delivered-to: vox-tech@livepenguin.com
List-archive: <http://ns1.livepenguin.com/pipermail/vox-tech>
List-help: <mailto:vox-tech-request@lists.lugod.org?subject=help>
List-id: lugod's technical discussion forum <vox-tech.lists.lugod.org>
List-post: <mailto:vox-tech@lists.lugod.org>
List-subscribe: <http://lists.lugod.org/mailman/listinfo/vox-tech>,<mailto:vox-tech-request@lists.lugod.org?subject=subscribe>
List-unsubscribe: <http://lists.lugod.org/mailman/listinfo/vox-tech>,<mailto:vox-tech-request@lists.lugod.org?subject=unsubscribe>
Reply-to: lugod's technical discussion forum <vox-tech@lists.luMAPSgod.org>
Sender: vox-tech-bounces@listsMAPS.lugod.org
User-agent: Debian Thunderbird 1.0.2 (X11/20050331)

Hi,

I have a sveasoft box, and in order to ssh from the sveasoft to a target box, the target box must have PasswordAuthentication yes in the /etc/ssh/sshd_config file.

I don't understand what that config option actually does. The config file has:

# To disable tunneled clear text passwords, change to no here!

Does this mean you can send clear text passwords to login?
Does this mean that when you build a tunnel, passwords are sent clear text to the forwarded app?

Since I'm on Sarge, and debian seems to be security conscious as a default is setting this to "yes" a security risk?

Thanks
Jay
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech

Follow-Ups:
- Re: [vox-tech] sshd_config and PasswordAuthentication
  - From: Henry House

Prev by Date: Re: [vox-tech] Matching Contents of Lists
Next by Date: Re: [vox-tech] sshd_config and PasswordAuthentication
Previous by thread: [vox-tech] Re: [vox] Survey: What do YOU use Linux for?
Next by thread: Re: [vox-tech] sshd_config and PasswordAuthentication
Index(es):
- Date
- Thread

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
1105 Kennedy Place, Suite 1, Davis, CA 95616
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Richard Mancusi
For a generous donation to allow us to continue meeting at the Davis Library.