Accelerator Guide: Disable Password Authentication for SSH Logins
This guide explains the quick and easy procedure for disabling keyboard/password authentication for ssh on your Accelerator. Some people prefer public key authentication to a password alone, because it makes the account harder to compromise. If you use a key pair that requires its own passphrase, your account will be protected against unauthorized access even if the computer you store the private key on is compromised or stolen.
Disabling password authentication without having a working public key setup will LOCK YOU OUT of your container.
Before following this guide, verify your public key-based login works and your local .ssh directory is backed up.
Preflight Checklist
- This guide assumes no other changes to the ssh configuration have been made (specifically, it assumes no one has disabled public key based authentication, which is enabled by default).
- You should be able to log in using your public/private ssh key pair.
See Generating SSH Keys in the SSH Guide for more information on setting this up.
Do NOT proceed without making sure this works.
The Steps
- Log in to your Accelerator as admin.
- Type: sudo nano /etc/ssh/sshd_config and enter your admin password.
- Make the following changes:
| Look for | Change to | Find around |
|---|---|---|
| PasswordAuthentication yes | PasswordAuthentication no | line 119 |
| PAMAuthenticationViaKBDInt yes | PAMAuthenticationViaKBDInt no | line 126 |
- Press Ctrl-X, type Y, press Enter to save these changes.
- Type sudo svcadm refresh svc:/network/ssh:default to make sshd pick up your changes.
- All done.
Explanation
- The above steps edit the configuration file for the ssh daemon running on your Accelerator.
- We changed it so that it does not permit what is called “Keyboard Interactive” authentication.
- The PAMAuthenticationViaKBDInt yes must change, as it will override the PasswordAuthentication no directive.
- Finally, the changes are saved and we use the built-in Solaris facility (SMF) to have the ssh daemon reread the configuration to pick up the changes.
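
The override described above can be checked before running the refresh. The script below is an added example, not part of the original guide: the function names and the sample files are constructed for illustration, and it assumes sshd honours the first occurrence of a keyword (as OpenSSH documents) and that an unset keyword should be treated as "yes".

```shell
#!/bin/sh
# Added example (not from the original guide): audit an sshd_config before refresh.

# Print the effective value of KEYWORD in FILE: the first uncommented
# occurrence (assumed to win, as in OpenSSH), lowercased; else DEFAULT.
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Return 0 when only key-based login remains, 1 when a password path is
# still open, 2 when public key authentication itself has been disabled.
check_config() {
    rc=0
    if [ "$(effective_value "$1" PubkeyAuthentication yes)" != "yes" ]; then
        echo "STOP: PubkeyAuthentication is off; a refresh would lock you out"
        return 2
    fi
    # Assumption: an unset keyword is treated as "yes" (the conservative reading).
    for kw in PasswordAuthentication PAMAuthenticationViaKBDInt; do
        if [ "$(effective_value "$1" "$kw" yes)" != "no" ]; then
            echo "OPEN: $kw is not 'no'; password logins still work"
            rc=1
        fi
    done
    [ "$rc" -ne 0 ] || echo "OK: only key-based login is enabled"
    return "$rc"
}

# Constructed sample: the half-finished edit the Explanation warns about.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/half_done" <<'EOF'
# PasswordAuthentication yes
PasswordAuthentication no
PAMAuthenticationViaKBDInt yes
EOF
# Constructed sample: both directives changed as in the table.
cat > "$SAMPLE_DIR/done" <<'EOF'
PasswordAuthentication no
PAMAuthenticationViaKBDInt no
EOF

check_config "$SAMPLE_DIR/half_done" || true
check_config "$SAMPLE_DIR/done"
```

To audit the real file, call check_config /etc/ssh/sshd_config (with sudo if the file is not readable by your user) before the svcadm refresh step. If the system awk rejects -v, substitute nawk.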