Show Contents / Index / Search

Configure Password User Authentication

Password authentication is supported by default; no configuration is required on either the server or the client to use this authentication method.

Follow these procedures if you want to modify the default server or client configuration.

To configure password authentication on the client

  1. Open the client configuration file (/etc/ssh2/ssh2_config) in a text editor.
  2. Edit the AllowedAuthentications keyword. For example:

    To

    Do this

    Require password authentication

    Edit the allowed list to include only password authentication:

    AllowedAuthentications=password

     

    Deny both keyboard interactive and password authentication

    Remove these methods from the allowed list. For example:

    AllowedAuthentications=gssapi-with-mic,publickey

To configure password authentication on the server

  1. Open the server configuration file (/etc/ssh2/sshd2_config) in a text editor.
  2. Edit either AllowedAuthentications or RequiredAuthentications.

    To

    Do This

    Require password authentication

    Use the following command:RequiredAuthentications=password

     

    Deny both password and keyboard interactive authentication

    Remove these methods from the allowed list. For example:

    AllowedAuthentications=gssapi-with-mic,publickey

  3. (Optional) Use PasswordGuesses to change the maximum number of attempts a user is allowed for password authentication. (The default is 3.) For example:

    PasswordGuesses=5

Related Topics

Configure Keyboard Interactive User Authentication