Jump to content


Photo
- - - - -

sshd_config in Ubuntu 8.10 Question?


  • Please log in to reply
7 replies to this topic

#1 johnnymanson

johnnymanson

    SUP3R 31337

  • Members
  • 175 posts
  • Gender:Male
  • Location:Somewhere in NC, USA

Posted 03 March 2009 - 10:15 PM

I noticed the following line in the sshd_config file on a Ubuntu 8.10 box I was playing with.

#PasswordAuthentication yes

Is it normal for this to be commented out with the # sign?

SSH seems to be working normally, but I thought this was unusual.

#2 Ohm

Ohm

    I could have written a book with all of these posts

  • Members
  • 3,209 posts
  • Gender:Male
  • Location:Maine, USA

Posted 03 March 2009 - 10:50 PM

No idea why it's commented out, but it's on by default. Turning this off will only allow you to authenticate using some other method, like public key auth.

#3 johnnymanson

johnnymanson

    SUP3R 31337

  • Members
  • 175 posts
  • Gender:Male
  • Location:Somewhere in NC, USA

Posted 03 March 2009 - 11:41 PM

Password authentication seems to work with the line commented out. I've even restarted the daemon and no change to the authentication method. I'll probably try public key in the future to see how it works. Thanks for the comment.

#4 mirrorshades

mirrorshades

    aviatorglasses

  • Agents of the Revolution
  • 951 posts
  • Gender:Male

Posted 08 March 2009 - 07:59 PM

sshd_config has the default options commented out, er, by default. That is to say that un-commenting them won't change the behavior of anything -- I assume they just list the more commonly-changed ones there like that to make them easier to find and tweak.

Check out the man page, it is extremely thorough (and explicitly includes all the defaults for all the options, which is nice):
http://www.manpagez..../5/sshd_config/

#5 Rightcoast

Rightcoast

    mmm ... donuts

  • Agents of the Revolution
  • 2,074 posts
  • Gender:Male
  • Location:321

Posted 09 March 2009 - 09:36 AM

Yep, as mirrorshades said, the defaults work regardless in a default install. If you are more interested in tweaking sshd_config and using key auth, you can check this out for some guidelines and things I do to further harden my install, and how to set up key pairs, automation, etc.

http://www.docdroppe...SSH_Effectively

#6 johnnymanson

johnnymanson

    SUP3R 31337

  • Members
  • 175 posts
  • Gender:Male
  • Location:Somewhere in NC, USA

Posted 09 March 2009 - 11:28 AM

Thanks for the help guys.

#7 mirrorshades

mirrorshades

    aviatorglasses

  • Agents of the Revolution
  • 951 posts
  • Gender:Male

Posted 10 March 2009 - 05:02 PM

Always be cautious when tweaking sshd_config remotely. :)

Actually, I believe you can do a kill -HUP to restart the sshd process without terminating your existing connection... then try to connect again and if it doesn't work, then change it back!

#8 johnnymanson

johnnymanson

    SUP3R 31337

  • Members
  • 175 posts
  • Gender:Male
  • Location:Somewhere in NC, USA

Posted 10 March 2009 - 08:15 PM

I haven't tried to tweak it remotely. I learned that lesson a long time ago with Terminal Server.




BinRev is hosted by the great people at Lunarpages!