sshd: move mikaela-prohibit-password.conf to broken/

Apparently OpenSSH only allows PasswordAuthentication yes within a Match
block.
This commit is contained in:
Aminda Suomalainen 2021-02-02 14:12:43 +02:00
parent 1be2720861
commit 288b010fe5
Signed by: Mikaela
GPG Key ID: 99392F62BAE30723
4 changed files with 16 additions and 7 deletions

View File

@ -1,5 +1,8 @@
# Version Control System accounts musn't have X11Forwarding, TCP Forwarding # Version Control System accounts musn't have X11Forwarding, TCP Forwarding
# or TTY. The anoncvs is usually a comment in stock sshd_config # or TTY. The anoncvs is usually a comment in stock sshd_config.
# The password blocking may only work in reverse so this file is partially
# useless. https://serverfault.com/a/461865 & OpenSSH_8.4p1
Match User anoncvs,git,gitea Match User anoncvs,git,gitea
PasswordAuthentication no PasswordAuthentication no
AuthenticationMethods publickey AuthenticationMethods publickey

View File

@ -0,0 +1,7 @@
# User Mikaela hates passwords and will only use keys. This may only work
# in reverse so this file is useless. https://serverfault.com/a/461865
# & OpenSSH_8.4p1
Match User mikaela
PasswordAuthentication no
AuthenticationMethods publickey
Match All

View File

@ -1,5 +0,0 @@
# User Mikaela hates passwords and will only use keys.
Match User mikaela
PasswordAuthentication no
AuthenticationMethods publickey
Match All

View File

@ -1,5 +1,9 @@
# This is the opposite of mikaela-prohibit-password.conf and shouldn't be # This is the opposite of mikaela-prohibit-password.conf and shouldn't be
# used, that is why it's in comments # used, that is why it's in comments.
# As of OpenSSH_8.4p1 this may be the only way this works, with globally
# blocking passwords, but accepting only specific users to use passwords.
# https://serverfault.com/a/461865 OpenSSH_8.4p1
#Match User someone #Match User someone
# PasswordAuthentication yes # PasswordAuthentication yes