Avoiding sending clear text passwords

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


I try to set up a reasonable configuration for both the client and
the host.

The not-commented-out lines in my /etc/ssh/sshd_config are:

RSAAuthentication yes
PasswordAuthentication no
X11Forwarding yes
UsePrivilegeSeparation no
Subsystem    sftp    /usr/lib/ssh/sftp-server

Is it correct that the *only* way to estabish a connection is to
append certificates in the authorized-keys file?

Actually I also need the possibility of passwords.  Would
PasswordAuthentication yes
a clean and secure way to do so?  In particular, the comment in
sshd_config says

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no

which sounds not very encouraging.  I thought ssh prevented
passwords fom being sent in clear text.

Thank you!


Torsten Bronger, aquisgrana, europa vetus

Site Timeline