Thread: authpf setup
View Single Post
  #9   (View Single Post)  
Old 31st January 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Further hints and suggestions
  • Don't use authpf.allow unless you have a specific requirement for it. Yours was empty, and as I stated at the start of this thread, if you have this file, only userids listed within will be permitted to authenticate. If you have still have this empty file, no userid will be able to authenticate. Delete it.
  • I recommend assigning each user their own userid for authentication, and choosing an SSH authentication method that meet your security requirements for assured authentication.
  • I always recommend using public key authentication over passwords for authentication, but the choice is yours (and your auditors, if applicable).
  • SSH public key authentication can optionally use passphrases. This may be useful where two-factor authentication is required or desired.

Last edited by jggimi; 31st January 2012 at 01:11 PM.
Reply With Quote