On Sun, Feb 13, 2005 at 11:54:15PM -0600, Gene wrote:
<snip - problem: sshd apparently allowing passwordless logins>
> >Also, check to make sure your ssh client is not sending an RSA key for
> >authentication. I think that one is enabled by default. If you want to
> >force passwords, make sure you aren't using RSA keys.
> >
> If disable RSA keys in the config file, but the problem persists.
How about running the client in verbose mode, or perhpas the server,
too. I don't know what sort of verbosity options putty has, but the
standard openssh client can take a -v argument (repeated up to 3 times
for maximum verbosity. The server can also be launced in the foregroud
with debugging option -d, which like the client can be specified up to 3
times. The messages that come are displayed for both the client and
server are a bit cryptic sometimes, but they are human readable and may
well give you a place to start looking.

Nathan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCEQxXO0ZIEthSfkkRAiSZAJ4lL8GN317Bg7dH/4aRzxEj0nMR/gCfSVdO
B+htViyrIdyZWNSPEyutJ3s=
=xjIo
-----END PGP SIGNATURE-----