|Subject:||[Jailkit-users] Question on keyboard interactive versus password authentication|
|Date:||Fri, 2 Jun 2006 10:37:17 -0700|
My default setup of Jailkit on a Suse Linux 9.3 has PasswordAuthentication set to no. I have a vendor who has struggled with connecting to our SFTP site until they realized that password authentication was set to no and that they needed to utilize keyboard-interactive. They have requested I set PasswordAuthentication to yes. I have researched this and the only negative I see is that it may allow the user to change their password if I turn on PasswordAuthentication as a method to connect. This is sufficient for me to leave it off, however I would like to know if there are any other consequences to turning it on (to have more reasons to leave it off) and is this the only way to make password authentication function?
As background my intent is to have a site that only allows SFTP connections. I do not allow user shell access or functionality.
Your assistance is greatly appreciated.
541.955.9565 (ext. 109)
Notice - The information
contained in this electronic mail and any attachments is intended for the sole
use of the intended recipient(s), and may contain confidential and privileged
information protected by laws of the State of
|[Prev in Thread]||Current Thread||[Next in Thread]|