mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-25 12:49:26 +01:00
sshd: move mikaela-prohibit-password.conf to broken/
Apparently OpenSSH only allows PasswordAuthentication yes within a Match block.
This commit is contained in:
parent
1be2720861
commit
288b010fe5
@ -1,5 +1,8 @@
|
||||
# Version Control System accounts musn't have X11Forwarding, TCP Forwarding
|
||||
# or TTY. The anoncvs is usually a comment in stock sshd_config
|
||||
# or TTY. The anoncvs is usually a comment in stock sshd_config.
|
||||
# The password blocking may only work in reverse so this file is partially
|
||||
# useless. https://serverfault.com/a/461865 & OpenSSH_8.4p1
|
||||
|
||||
Match User anoncvs,git,gitea
|
||||
PasswordAuthentication no
|
||||
AuthenticationMethods publickey
|
||||
|
@ -0,0 +1,7 @@
|
||||
# User Mikaela hates passwords and will only use keys. This may only work
|
||||
# in reverse so this file is useless. https://serverfault.com/a/461865
|
||||
# & OpenSSH_8.4p1
|
||||
Match User mikaela
|
||||
PasswordAuthentication no
|
||||
AuthenticationMethods publickey
|
||||
Match All
|
@ -1,5 +0,0 @@
|
||||
# User Mikaela hates passwords and will only use keys.
|
||||
Match User mikaela
|
||||
PasswordAuthentication no
|
||||
AuthenticationMethods publickey
|
||||
Match All
|
@ -1,5 +1,9 @@
|
||||
# This is the opposite of mikaela-prohibit-password.conf and shouldn't be
|
||||
# used, that is why it's in comments
|
||||
# used, that is why it's in comments.
|
||||
|
||||
# As of OpenSSH_8.4p1 this may be the only way this works, with globally
|
||||
# blocking passwords, but accepting only specific users to use passwords.
|
||||
# https://serverfault.com/a/461865 OpenSSH_8.4p1
|
||||
|
||||
#Match User someone
|
||||
# PasswordAuthentication yes
|
||||
|
Loading…
Reference in New Issue
Block a user