Restricting sshd to private key authentication on OS X 10.6

Mostly just a note for next time I have to do this.

Actions:

1) Edit /etc/sshd_config

``

cd /etc/
sudo cp sshd_config sshd_config.orig
sudo cat 'ChallengeResponseAuthentication no' >>sshd_config

2) Enable ssh

Go to sharing preferences and enable ssh for the relevant users.

Background

That should do it, other options are already ok by default: ``

# To disable tunneled clear text passwords, change to no here! Also,
# remember to set the UsePAM setting to 'no'.
#PasswordAuthentication no
#PermitEmptyPasswords no

Note that the comment is completely incosistent: the default is already ‘no’, and there is no need to set UsePAM no, as described further down in the config file.

comments powered by Disqus