Hello, I was trying to find out how to disable ssh log-in using password, leaving enabled only authorized_keys. The guide says: "Also verify that you don't have UsePAM yes in your configuration file as it overrides the public key authentication mechanism." However, I have found that I can leave PAM on if I set "ChallengeResponseAuthentication" to "no" (which is not mentioned on that page). While looking at the page, I also checked the Apache part. On my freshly installed system, SSL is on by default, user & group is set to apache by default, and ServerTokens are set to "Prod" by default ... so it is superfluous to mention these options. Also, the configuration is not within the file /etc/apache/conf/apache.conf There may be other things on that page which would make sense to update ... Reproducible: Always
Thanks; I've updated the text to reflect this. Also verified that a pristine installation sets the various settings already.
Thanks, perfect.