Bug 2525

Summary: SSH on *.mageia.org should not have password authentication
Product: Infrastructure Reporter: Olav Vitters <olav>
Component: OthersAssignee: Sysadmin Team <sysadmin-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: dan, marja11, misc, sysadmin-bugs
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description Olav Vitters 2011-08-27 22:32:33 CEST 
Sugggest for all servers on *.mageia.org to have the following sshd_config option:
  PasswordAuthentication no

This as SSH public authentication is used anyway. In case of a new user, it is better to not even allow them to enter a password which wouldn't work anyway.
Comment 1 Michael Scherer 2011-08-30 14:06:23 CEST 
Well, I am not sure that everybody is familliar with ssh keys, especially since it used by less technical persons such as translators or artwork team member ( in the future ). So adding this would maybe increase the support burden.

CC: (none) => misc

Comment 2 Marja Van Waes 2011-11-08 08:11:51 CET 
(In reply to comment #1)
> Well, I am not sure that everybody is familliar with ssh keys, especially since
> it used by less technical persons such as translators or artwork team member (
> in the future ). So adding this would maybe increase the support burden.

Has anything been decided, or is this still being discussed?

CC: (none) => marja11

Nicolas Vigier 2012-01-13 23:23:12 CET

CC: (none) => boklm
Status: NEW => ASSIGNED

Nicolas Vigier 2014-03-24 10:52:32 CET

CC: boklm => (none)

Comment 3 Dan Fandrich 2024-02-13 07:45:13 CET 
Password authentication for ssh was disabled in 2016.

CC: (none) => dan
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED