5
1
How can I configure the OpenSSH server (on Ubuntu) to allow keyboard-interactive but not password authentication?
I know that public-key-authentication is the preferred one, but I want to test a user setup.
Mike L.
Posted 2011-09-20T07:45:28.193
Reputation: 4 539
3
Set
ChallengeResponseAuthentication=yes
in your sshd.conf
Rob Cowell
Posted 2011-09-20T07:45:28.193
Reputation: 1 273
7
You need to configure PAM for use with OPIE or OTPW, depending on your Ubuntu version. Once you have a one-time password system in place and properly configured via the /etc/pam.d/sshd module, then you can setup SSH to make use of it.
# /etc/ssh/sshd_config
PasswordAuthentication no
ChallengeResponseAuthentication yes
Don't forget to reload SSH after making changes to the configuration file; otherwise, your changes will not take effect.
CodeGnome
Posted 2011-09-20T07:45:28.193
Reputation: 1 841
@BennyInc try looking at AuthenticationMethod in sshd_config it looks like they are distinct. – barlop – 2014-12-08T03:12:13.290
keyboard-interactive but not password authentication? Can you rephrase that? – BennyInc – 2011-09-20T11:56:35.807