v1 - /etc/ssh/sshd_config no longer used?
developedsoftware opened this issue · 3 comments
Just updated to v1 and my config file found at /etc/ssh/sshd_config is no longer being read
(for example disabling password authentication)
sshpiperd never read upstream's /sshd_config
but I think the scenario is the upstream had password disabled and sshpiperd still asks for password.
the reason is in v1, sshpiperd has no idea about upstream before user sends any auth method
To support more complex routing in v1, sshpiper holds the auth and reads more info, publickey, from downstream to determine which upstream to use.
similarly, v1 also support routing by different password.
However, it does not make any sense that sshpiper asks for password if no upstream supports password.
To workaround it, I will add a option to workingdir plugin to disable password globally
Does that work for you?
Yeah should be fine. My config file is below (works with v0)
AuthenticationMethods being the relevant line here
/etc/ssh/sshd_config
AuthenticationMethods publickey
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no
PermitRootLogin prohibit-password