How can I enable both password and public key authentication with OpenSSH

This is finally available as of OpenSSH 6.2 (released March 2013), using the AuthenticationMethods configuration option.

For instance, you may add the following line to sshd_config to require both public-key and password authentication:

AuthenticationMethods publickey,password

When logging in, ssh and scp will first perform public-key authentication, and then prompt for a password:

$ ssh [email protected]
Authenticated with partial success.
[email protected]'s password:

If you have a password on your private key file, you will of course first be prompted for that. Example using PuTTY:

Using username "user".
Authenticating with public key "rsa-key-20131221-user"
Passphrase for key "rsa-key-20131221-user":
Further authentication required
[email protected]'s password:

Not presently. But there are some patches floating around that are supposed to add this.

See https://bugzilla.mindrot.org/show_bug.cgi?id=983

How can I enable both password and public key authentication with OpenSSH

Tags:

Authentication

Ssh

Public Key

Password

Related

Recent Posts