How to disabled password authentication for specific users in SSHD

Posted by Nick on Server Fault See other posts from Server Fault or by Nick
Published on 2011-07-01T13:11:53Z Indexed on 2011/07/01 16:24 UTC
Read the original article Hit count: 230

Filed under:
|
|
|

I have read several posts regarding restricting ALL users to Key authentication ONLY, however I want to force only a single user (svn) onto Key auth only, the rest can be key or password.

I read How to disable password authentication for every users except several, however it seems the "match user" part of sshd_config is part of openssh-5.1. I am running CentOS 5.6 and only have OpenSSH 4.3. I have the following repos available at the moment.

$ yum repolist
Loaded plugins: fastestmirror
repo id                            repo name                                                                         status
base                               CentOS-5 - Base                                                                   enabled:  3,535
epel                               Extra Packages for Enterprise Linux 5 - x86_64                                    enabled:  6,510
extras                             CentOS-5 - Extras                                                                 enabled:    299
ius                                IUS Community Packages for Enterprise Linux 5 - x86_64                            enabled:    218
rpmforge                           RHEL 5 - RPMforge.net - dag                                                       enabled: 10,636
updates                            CentOS-5 - Updates                                                                enabled:    720
repolist: 21,918

I mainly use epel, rpmforge is used to the latest version (1.6) of subversion.

Is there any way to achieve this with my current setup? I don't want to restrict the server to keys only because if I lose my key I lose my server ;-)

© Server Fault or respective owner

Related posts about security

Related posts about svn