<br><tt><font size=2>freenx-knx-bounces@kde.org wrote on 02/08/2013 10:25:55:<br>
<br>
> In fact I did a bit more tests but I couldn't get the "match"
<br>
> configuration working.</font></tt>
<br><tt><font size=2>> <br>
> It seems to be like this</font></tt>
<br><tt><font size=2>> <br>
> 1) user authenticates via SSH with identity "nx" and the
dsa key from his IP</font></tt>
<br><tt><font size=2>> 2) the user then authenticates via SSH with his
account and password<br>
> coming this time from localhost ===> i thought this would work
with <br>
> only his password, without public keys ==> but for some reason
it <br>
> seems like there's still public key authentication going on, and it
<br>
> does not work for users who don't have their public key in <br>
> authorized_keys of their home</font></tt>
<br><tt><font size=2>> <br>
> I can't figure out why it goes like this, but then I decided to try
<br>
> with a double SSH daemon, and that works fine, it seems.</font></tt>
<br>
<br><tt><font size=2>Did you put ( also )</font></tt>
<br>
<br><tt><font size=2> ChallengeResponseAuthentication
no</font></tt>
<br><tt><font size=2> GSSAPIAuthentication
no</font></tt>
<br><tt><font size=2> HostbasedAuthentication
no</font></tt>
<br><tt><font size=2> KerberosAuthentication
no</font></tt>
<br><tt><font size=2> PubkeyAuthentication
no</font></tt>
<br><tt><font size=2> RhostsRSAAuthentication
no</font></tt>
<br><tt><font size=2> RSAAuthentication
no</font></tt>
<br><tt><font size=2> IgnoreUserKnownHosts
yes</font></tt>
<br><tt><font size=2> IgnoreRhosts yes</font></tt>
<br><tt><font size=2> PermitEmptyPasswords
no</font></tt>
<br><tt><font size=2> UsePrivilegeSeparation
yes</font></tt>
<br><tt><font size=2> PermitRootLogin
no</font></tt>
<br><tt><font size=2> (see the
pam blurb about this one)</font></tt>
<br>
<br><tt><font size=2>inside the match body ??</font></tt>
<br>
<br><tt><font size=2>It should still have fallen back to</font></tt>
<br><tt><font size=2> PasswordAuthentication</font></tt>
<br><tt><font size=2>tho'</font></tt>
<br><tt><font size=2>so I don't think I'll be bothering with it . . . </font></tt>
<br>
<br>