Once you add a key to a user they can no longer log in via ssh with a password so it does apply for that user. As for a default setting for all users, it doesn’t seem so but might be a damned good thing for Mikrotik to get onto rather quickly. For now I guess you could put a dud key into every user via a script. Cheers, Andrew
On 24 Apr 2018, at 8:22 am, Karl Auer <kauer@nullarbor.com.au> wrote:
On Mon, 2018-04-23 at 20:51 +0000, Thomas Jackson wrote:
In any case, we firewall off the admin ports from external sources
Yes - it's nice to be able to be smug :-)
If bug like this ever shows up in their ssh implementation, we are doomed indeed.
Also, does ROS allow publickey-only ssh? It doesn't seem to...
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160
GPG fingerprint: 8454 EE43 6215 B6DD 1B4D 9D8D 984D 7BA1 7378 A38D Old fingerprint: 58F8 09D4 97E4 D74A 0940 44BC 8D6D C28C 3BC9 B0CB
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au