ssh: Reduce sshd_config diffs against OpenSSH 10.0p2
Upstream had a poor description for KbdInteractiveAuthentication prior to the 10.0p2 release. We use KbdInteractiveAuthentication for PAM authentication, and we replaced the poor description with a note about use by PAM. In 10.0p2 the upstream description has been fixed. Incorporate that text now as it is an improvement and avoids a conflict in the upcoming 10.0p2 import. Reviewed by: jhb Sponsored by: The FreeBSD Foundation
This commit is contained in:
@@ -56,12 +56,15 @@ AuthorizedKeysFile .ssh/authorized_keys
|
||||
# Don't read the user's ~/.rhosts and ~/.shosts files
|
||||
#IgnoreRhosts yes
|
||||
|
||||
# Change to yes to enable built-in password authentication.
|
||||
# Change to "yes" to enable built-in password authentication.
|
||||
# Note that passwords may also be accepted via KbdInteractiveAuthentication.
|
||||
#PasswordAuthentication no
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to no to disable PAM authentication
|
||||
# Change to "no" to disable keyboard-interactive authentication. Depending on
|
||||
# the system's configuration, this may involve passwords, challenge-response,
|
||||
# one-time passwords or some combination of these and other methods.
|
||||
# Keyboard interactive authentication is also used for PAM authentication.
|
||||
#KbdInteractiveAuthentication yes
|
||||
|
||||
# Kerberos options
|
||||
|
||||
Reference in New Issue
Block a user