Join Log in
Score:1
David avatar Server

Disabling GSSAuthentication in sshd_conf has no effect

cn flag
David

I'm using a fresh install of the most recent build of RockyLinux 9. I'm trying to disable GSSAPI for SSH based login, along with passwords and permit only public key based login. Setting GSSAPIAuthentication no in sshd_conf doesn't appear to actually disable it, based on the output from the ssh client prompt. Are there any other configuration parameters necessary?

$ grep -i gss /etc/ssh/sshd_config
# GSSAPI options
GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no

# service sshd restart

#on an another host
$ ssh [email protected]
[email protected]: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
248
1 + 2
ssh
fr flag
Tomek
What do you have in /etc/ssh/sshd_config.d? 50-redhat.conf seems to enable it and it is included early on. As far as I remember the first occurence in sshd_config wins.
0
Reply
David avatar
cn flag
David
I haven't used a redhat based system in some time this must be a new thing. But setting `GSSAPIAuthentication no` in `50-redhat.conf` fixed the problem. If you put this in an answer I'll accept it. Thanks.
0
Reply
Score:2
avatar Server
fr flag
Tomek

What do you have in /etc/ssh/sshd_config.d? 50-redhat.conf seems to enable it and it is included early on. As far as I remember the first occurrence in sshd_config wins.

Following on the comment: please have a look at Include config directive for both ssh_config and sshd_config. It's been there since at least RHEL 8 for ssh_config and was introduced in RHEL 9 for sshd_config.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.