ssh configuration is flawed

Home Forums Conduit: AEP Model ssh configuration is flawed

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • December 21, 2020 at 8:14 pm #31429
    wkhatch@unimar.com
    Participant

    It’s not possible to set a conduit to disable password auth in sshd config. Typically, I’d disable this, PAM, and challenge response, and just leave public key. I can enable public key auth, but disabling password auth completely shuts down ssh access, and I have to access through the debug port, then revert changes in /etc/ssh/sshd_config to get it back. I see this as a major security concern that needs to be addressed. Or maybe there’s an undocumented process for accomplishing this.

    December 22, 2020 at 8:48 am #31434
    Jeff Hatch
    Keymaster

    Hello,

    I think this has to do with assumptions that were made in managing SSH from the Web UI. I have added an enhancement request to support disabling password authentication and supporting public key authentication.

    Jeff

    December 22, 2020 at 9:15 am #31439
    wkhatch@unimar.com
    Participant

    Awesome, thanks Jeff.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.