sshd_config
sshd_config file:
To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
"PasswordAuthentication yes" is the default value. we don't need add "PasswordAuthentication yes" as shown below?
To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication yes (adding this line is not necessary right?)
Responses
Hello, in RHEL7 , I looked in /etc/ssh/ssh_config and saw:
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
and further down this:
# PasswordAuthentication yes
and further down this:
PubkeyAuthentication yes
So it seems "PubkeyAuthentication yes" is enabled by default.
Then I looked in manual page ssh_config and found:
PasswordAuthentication
Specifies whether to use password authentication. The argument to this keyword must be 'yes' or 'no'. The default is 'yes'.
When something is a default value in OpenSSH (or other services, for that matter), one generally need not explicitly specify the configuration item and value for it to be active.
That said, if you need to subject your systems to compliance scanning, some scan-tools don't care about defaults and will declare a configuration-failure if the item is not explicitly set.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
