Ian Malone <ibmalone@xxxxxxxxx> writes: > This is not what the OP is trying to do (or, at least, I hope not...). > > Leave this alone, having passwordless accounts you can log into over > ssh is an awful idea as mentioned above: > #PermitEmptyPasswords no > > Add this to prevent authentication against the user's password: > PasswordAuthentication no And just to prevent pam from allowing a password login you also want to add: UsePam=no It is amazing now many linux and bsd systems get broken into and used as ssh-password attacking zombies. (From looking at my sshd logs I see a few probes each day.) I would be really nice if OS distributions were to stop encouraging stupid behavior and not leaving password logins open. cat << EOF > /etc/ssh/sshd_config Protocol 2 LogLevel VERBOSE PermitRootLogin without-password PasswordAuthentication no ChallengeResponseAuthentication no X11Forwarding yes UsePam no ClientAliveInterval 60 ClientAliveCountMax 30 EOF -wolfgang -- Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/
