[vox-tech] sshd_config and PasswordAuthentication
Jay Strauss
me at heyjay.com
Thu Jul 7 06:57:30 PDT 2005
Hi,
I have a sveasoft box, and in order to ssh from the sveasoft to a target
box, the target box must have PasswordAuthentication yes in the
/etc/ssh/sshd_config file.
I don't understand what that config option actually does. The config
file has:
# To disable tunneled clear text passwords, change to no here!
Does this mean you can send clear text passwords to login?
Does this mean that when you build a tunnel, passwords are sent clear
text to the forwarded app?
Since I'm on Sarge, and debian seems to be security conscious as a
default is setting this to "yes" a security risk?
Thanks
Jay
More information about the vox-tech
mailing list