Openssh default config has two PasswordAuthentication params
Bug #1887016 reported by Rulon Oboev
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openssh (Ubuntu) | Expired | Undecided | Unassigned | | |
Bug Description
In Ubuntu server 20.04 the /etc/ssh/
It can lead to security problems, because there's already one string `# PasswordAuthent
But if the user uncomments this string and sets it to "no", it will be overridden by the last line of config.

Hello Rulon, can you please double-check where your openssh-server package came from? I don't have this "PasswordAuthentication yes" in any of my 20.04 systems, and a very quick look at the current package doesn't show this:
$ apt-get download openssh-server
Get:1 http://wopr.domain/ubuntu focal-updates/main amd64 openssh-server amd64 1:8.2p1-4ubuntu0.1 [377 kB]
Fetched 377 kB in 0s (1,097 kB/s)
$ mkdir openssh-server
$ cd openssh-server
$ ar x ../openssh-server_1%3a8.2p1-4ubuntu0.1_amd64.deb
$ tar xf control.tar.xz
$ tar xf data.tar.xz
$ grep -r "PasswordAuthentication yes"
usr/share/openssh/sshd_config:#PasswordAuthentication yes
Of the versions of openssh that are on my local archive mirror, none of the sshd_config files had this line uncommented:
$ rg "PasswordAuthentication yes" -g '**/sshd_config'
openssh_5.9p1-5ubuntu1.10/sshd_config
64:#PasswordAuthentication yes
openssh_7.2p2-4ubuntu2.9/sshd_config
72:#PasswordAuthentication yes
openssh_7.2p2-4ubuntu2.10/sshd_config
72:#PasswordAuthentication yes
openssh_6.6p1-2ubuntu1/sshd_config
73:#PasswordAuthentication yes
openssh_5.9p1-5ubuntu1/sshd_config
64:#PasswordAuthentication yes
openssh_8.0p1-4/sshd_config
56:#PasswordAuthentication yes
openssh_8.0p1-6ubuntu0.1/sshd_config
56:#PasswordAuthentication yes
openssh_6.6p1-2ubuntu2.13/sshd_config
73:#PasswordAuthentication yes
openssh_7.7p1-4ubuntu0.3/sshd_config
56:#PasswordAuthentication yes
openssh_7.7p1-4/sshd_config
56:#PasswordAuthentication yes
openssh_8.2p1-4ubuntu0.1/sshd_config
58:#PasswordAuthentication yes
openssh_7.6p1-4ubuntu0.3/sshd_config
56:#PasswordAuthentication yes
openssh_7.6p1-4/sshd_config
56:#PasswordAuthentication yes
openssh_7.2p2-4ubuntu2.8/sshd_config
72:#PasswordAuthentication yes
openssh_8.3p1-1/sshd_config
58:#PasswordAuthentication yes
openssh_8.1p1-5/sshd_config
56:#PasswordAuthentication yes
openssh_7.6p1-4ubuntu0.4/sshd_config
56:#PasswordAuthentication yes
openssh_7.9p1-10/sshd_config
56:#PasswordAuthentication yes
openssh_7.2p2-4/sshd_config
72:#PasswordAuthentication yes
openssh_8.0p1-4build1/sshd_config
56:#PasswordAuthentication yes
openssh_8.0p1-6build1/sshd_config
56:#PasswordAuthentication yes
openssh_8.2p1-4ubuntu1/sshd_config
58:#PasswordAuthentication yes
openssh_8.1p1-1/sshd_config
56:#PasswordAuthentication yes
openssh_8.2p1-4/sshd_config
58:#PasswordAuthentication yes
How was this system installed? Was it customized by an ISP or cloud provider? Were any programs installed outside of the Ubuntu Archive that might have such a configuration change as part of an install script?
Thanks
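
A defensive check for the situation discussed in this report, as an added example that is not part of the original bug thread: the function lists keywords set more than once in the global section of an sshd_config and shows which value sshd uses (per sshd_config(5), the first obtained value for each keyword). The sample config and the names `dup_directives` and `write_sample` are constructed for illustration; Include files are not followed and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example: flag sshd_config keywords set more than once in the global
# section. Assumption of this sketch: Include files are not followed and
# parsing stops at the first Match block.

# Keywords that may legitimately repeat (list is not exhaustive).
MULTI='acceptenv|allowgroups|allowusers|denygroups|denyusers|hostkey|include|listenaddress|port|subsystem'

# Usage: dup_directives [FILE]   (reads stdin when FILE is omitted)
dup_directives() {
    awk -v multi="^(${MULTI})\$" '
        /^[ \t]*(#|$)/ { next }              # comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]+/)       # keyword/value separator
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            val = substr(line, n + RLENGTH)
            sub(/[ \t]+$/, "", val)
            if (key == "match") exit         # end of the global section
            if (key ~ multi) next
            if (key in first) {
                printf "%s: line %d (%s) is ignored; line %d (%s) is effective\n",
                       key, NR, val, first[key], value[key]
            } else { first[key] = NR; value[key] = val }
        }' "${1:--}"
}

# Constructed sample: an edited "no" plus a stray "yes" further down.
write_sample() {
    cat <<'EOF'
Include /etc/ssh/sshd_config.d/*.conf
Port 22
Port 2222
#PermitRootLogin prohibit-password
PasswordAuthentication no
UsePAM yes
AcceptEnv LANG LC_*
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
EOF
}

write_sample | dup_directives
```

On a live system, `sshd -T` prints the effective configuration and is the authoritative check.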