yahoo-eng-team team mailing list archive

[Eric Swanson <1865082@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Cloud Provider: DigitalOcean
Expected: ssh_pwauth: no will only disable PasswordAuthentication globally in /etc/ssh/sshd_config
Actual: ssh_pwauth also disables PasswordAuthentication under a MatchUsers block where I'd like it to remain enabled

Complicating factor: I am actually not passing `ssh_pwauth: no`
explicitly anywhere. DigitalOcean seems to be passing it themselves
because I am providing an SSH key. I'd actually be fine with totally
disabling the `ssh_pwauth` feature in my image, as I have already passed
a fully-configured sshd_config.

** Affects: cloud-init
     Importance: Undecided
         Status: New

** Attachment added: "cloud-init.tar.gz"
   https://bugs.launchpad.net/bugs/1865082/+attachment/5331716/+files/cloud-init.tar.gz

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1865082

Title:
  ssh_pwauth: no disables PasswordAuthentication in MatchUsers block as
  well as globally

Status in cloud-init:
  New

Bug description:
  Cloud Provider: DigitalOcean
  Expected: ssh_pwauth: no will only disable PasswordAuthentication globally in /etc/ssh/sshd_config
  Actual: ssh_pwauth also disables PasswordAuthentication under a MatchUsers block where I'd like it to remain enabled

  Complicating factor: I am actually not passing `ssh_pwauth: no`
  explicitly anywhere. DigitalOcean seems to be passing it themselves
  because I am providing an SSH key. I'd actually be fine with totally
  disabling the `ssh_pwauth` feature in my image, as I have already
  passed a fully-configured sshd_config.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1865082/+subscriptions