So I am trying to setup my xserve running OSX Server 10.2.3(*.4 soon) to allow connections through ssh using only by public key authentication not passwords.I have already setup .ssh/authorized_keys and can connect using the ñi ~/flag with no snags.However even though I have tried to edit /etc/sshd_config changing ì#PasswordAuthenticationî from ìyesî to ìnoî it still seems that I can connect to my (admin) account with out my private key being required(i.e. from a machine without the key installed).Am I missing something in the config file(perhaps I have disabled it for protocol 1 but not 2?).My only other thought is that I am sshing in to change /etc/sshd_config and that it(the sshd) is perhaps overwriting my settings with the current settings but I would assume that sshd would just read the changes after I rebooted the machine (it didnít when I tryed).
So to finish up here are a couple of facts that might help with a answer.
I know that the key is encrypted and that it asks for a password to decrypt it I am not mixing that up with normal password authentication 🙂
I am doing this so all users will have to have a private key(created on a per user basis) to connect to the server,since public key works now I could just ask them to access it that way but I want to make it a requirement.
I swear this is possible, I believe I have seen this on Unix systems setup in a similar fashion. If its not please tell me so I donít waste my time ,heh.
I have root access to the machine .
If some one has this running please post you /etc/sshd_config file(minus any info that would compromise you setup ofcourse)
Do I have it all a*s backwards? Is this not the right property (#PasswordAuthentication) in /etc/sshd_config to change? Or does the osx sshd read from some other file than /etc/sshd_config?
Thanks
.
.
Comments are closed