Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- OpenSSH: force password authentication
June 23, 2004, 7:10 pm
rate this thread
I set up passwordless public key authentication from a client to a
server to run an automated backup job (rsync).
I am running OpenSSH 3.6.1p2 on Red Hat Enterprise Linux 3.
I set up the public key with a forced command on the server, in order to
run validating script and only allow the backup task, otherwise it will
close the ssh connection, and It works fine.
But sometimes I need to connect to the server via ssh to run some
interactive commands and would like to use password authentication for that.
Right now that is not possible, since when I try to connect to the
server via ssh, the ssh client will pick up the PKI authentication first
and the forced command (validating script) on the server won't allow me
an interactive session, it will close the ssh connection.
Is there any way to force the ssh client to use password authentication
first only for interactive sessions? E.g. a command line switch or
something like that ...
Thanks for your help.
Re: OpenSSH: force password authentication
And unstated, I suppose you also set up a private key on the local
client in the default location for the client identity.
Take a look at the options available in the ssh_config file.
One way is to have the restricted key not be in the default identity
file. Make the automated process reference it explicitly. (I do this
ssh -o IdentityFile=auto_backup ... or
ssh -i auto_backup ...
Another way is to change the attempted authentication methods.
ssh -o PreferredAuthentications=keyboard-interactive,password ...
Or just disable public key authentication.
ssh -o PubkeyAuthentication=no ...
Darren Dunham email@example.com
Senior Technical Consultant TAOS http://www.taos.com /
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
- » Oracle JDBC thin client does not work over SSH tunelling
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum