31st January 2012
|
|
More noise than signal
|
|
Join Date: May 2008
Location: USA
Posts: 7,983
|
|
Further hints and suggestions
- Don't use authpf.allow unless you have a specific requirement for it. Yours was empty, and as I stated at the start of this thread, if you have this file, only userids listed within will be permitted to authenticate. If you have still have this empty file, no userid will be able to authenticate. Delete it.
- I recommend assigning each user their own userid for authentication, and choosing an SSH authentication method that meet your security requirements for assured authentication.
- I always recommend using public key authentication over passwords for authentication, but the choice is yours (and your auditors, if applicable).
- SSH public key authentication can optionally use passphrases. This may be useful where two-factor authentication is required or desired.
Last edited by jggimi; 31st January 2012 at 01:11 PM.
|