ssh_pwauth: false fails to disable challenge/response authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Expired
|
Medium
|
Unassigned |
Bug Description
cc_set_passwords.py interprets the ssh_pwauth boolean configuration option, and depending on its setting will either enable, disable, or not touch the PasswordAuthent
This neglects to also set ChallengeRespon
How to best address this is tricky. Obviously, "ssh_pwauth: false" should disable both PasswordAuthent
What complicates matters still is that one of the affected systems that ship with "ChallengeRespo
description: | updated |
description: | updated |
Changed in cloud-init: | |
status: | New → Confirmed |
importance: | Undecided → Low |
importance: | Low → Medium |
information type: | Public → Public Security |
Tracked in Github Issues as https:/ /github. com/canonical/ cloud-init/ issues/ 2837