On 12/30, Grant Ellis wrote:
> I need to enable password login directly from the console, but only key
> login via SSH. Unfortunately, for my purposes, the autologin feature will
> not work because a password is required. That is, I need to provision
> CoreOS so that users can log in via SSH using a keypair (but not a
> password), and can also login from the physical console using a password.
This can be done by setting ChallengeResponseAuthentication and
PasswordAuthentication to 'no'.
You can replace /etc/ssh/sshd_config (a symlink to
/usr/share/ssh/sshd_config) with a file containing the following:
Include /usr/share/ssh/sshd_config
PasswordAuthentication no
ChallengeResponseAuthentication no
This will amend the default config in /usr/share/ssh/sshd_config and
disable password auth for SSH only.
-Alex