Please double-check your /etc/ssh/sshd_config file

[Matthew Dillon]

There appears to be a bit of snafu where the sshd defaults are not what we
thought they were.  We wanted cleartext password authentication to be
disabled by default (that is, have sshd only use public key pairs), but it
appears that it might be enabled by default.

If you do not use cleartext password authentication for remote logins
please be sure to disable it.  in /etc/ssh/sshd_config.  Many people with
workstations use a simple password to login to X which they do not intend
to be usable for remote logins into the machine.

PasswordAuthentication no

and kill and restart /usr/sbin/sshd.  sshd can be restarted without killing
existing sessions by killing the main server by its pid, then running
'/usr/sbin/sshd' to start it up again.  sshd does not have to be recompiled.

-Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20170317/71658b33/attachment-0001.htm>