Bug #6963
SSH Keyboard-Interactive Authentication fails on 2.3.2/2.4
100%
Description
The ssh authentication "keyboard-interactive" method fails on 2.3.2 and 2.4
This is due to the use of UsePAM no
globally in sshd_config
keyboard-interactive is more secure than plain password authentication and is preferable for environments where using only key-based authentication is impractical.
Moving UsePAM no
to the code block for key-based only auth works for both cases and has the intended net effect.
To me, I have a commit pending.
Associated revisions
Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963
Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963
History
#1
Updated by Jim Pingle over 4 years ago
- Status changed from New to Feedback
I pushed a fix as stated. Works fine with and without key-based auth. Needs more testing once it hits snaps.
#2
Updated by Jim Pingle over 4 years ago
- % Done changed from 0 to 100
Applied in changeset b35fc4331ac78f9459db00be04dc6b077f168593.
#4
Updated by Jim Pingle about 4 years ago
- Target version changed from 2.4.0 to 2.3.3
#5
Updated by Jim Pingle about 4 years ago
- Affected Version changed from 2.4 to 2.3.3
Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963