how do I disable pam authentication for gitolite user

StackOverflow https://stackoverflow.com/questions/9135254

Question

I have gitolite setup on a RHEL linux host. It is functional and it's doing its job of accepting ssh keys.

I've instructed my users to use tortoisegit as the management tool of their repositories. This is because tortoisegit comes with a ssh key generator, and the pageant. With the pageant running, and their key loaded, it works fine.

BUT.

some of the users forget to load the key, and they get a popup asking for the gitolite user password. dialog title:TortoisePlik content: git@servername.com password: image of dialog: http://i.imgur.com/Vbbk7.png

is there a way I could deny this dialog by changing a configuration on the server side, like in pam or sshd?

Was it helpful?

Solution

SSH authentication methods are configured in the SSH server; for OpenSSH – /etc/ssh/sshd_config.

As described in sshd_config(5), certain options can be set in a Match block. Add a Match User git block, and inside it disable password and keyboard-interactive authentication methods:

Match User git
    PasswordAuthentication no
    KbdInteractiveAuthentication no

OTHER TIPS

If you're trying to restrict clients to publickey auth only, you can use the following match statement:

Match User git
    AuthenticationMethods publickey
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top