Which of the following sshd configuration should be set to no in order to fully disable password based logins? (Choose two.)
Which of the following sshd configuration should be set to no in order to fully disable password based logins? (Choose two.)
To fully disable password-based logins in the sshd configuration file, you should set both `PasswordAuthentication` and `ChallengeResponseAuthentication` to 'no'. `PasswordAuthentication` directly controls whether password authentication is allowed, while `ChallengeResponseAuthentication` controls whether challenge-response authentication methods (often involving passwords) are permitted. Setting these two options to 'no' ensures that all password-based methods of authentication are disabled.
B. ChallengeResponseAuthentication typo...not that it exactly matters.... :)
It Matters. To fully disable it. https://blog.tankywoo.com/linux/2013/09/14/ssh-passwordauthentication-vs-challengeresponseauthentication.html
B and E is correct. PasswordAuthentication: Specifies whether password authentication is allowed. ChallengeResponseAuthentication: Specifies whether challenge-response authentication is allowed (e.g. via PAM or though authentication styles supported in login.conf(5)) https://linux.die.net/man/5/sshd_config
B and E is correct. The PAMAuthentication, PermitPlaintextLogin and UsePasswords options don't even exist in the sshd_config file