I have a headless debian linux machine running the ThinLinc server which I only access via the macOS client using
In my host’s
sshd_config file, I have set
PasswordAuthentication to no but the ThinLinc web client still allows access to the linux machine using direct
How do i disable
PasswordAuthentication for ThinLinc Web Access?
Hello @navtoj, and welcome to the ThinLinc community!
ThinLinc Webaccess does not use sshd for authentication, so any settings made to sshd_config won’t affect Webaccess.
You would need to configure PAM to change authentication settings for ThinLinc Webaccess.
/etc/pam.d/ you’ll find a that
thinlinc is a symlinc to
sshd pam configuration. To make modifications (without disrupting the sshd PAM config), simply remove thinlinc symlinc and copy sshd to thinlinc and make modifications to this file.
This is a bit out of scope for what type of support we can provide and have knowledge of. But keep in mind that Password authentication and One Time password are the only supported types of authentications for webbaccess:
Pubkey auth won’t work in Webaccess.
In that case, is there a way to disable web access and only allow access through the macOS client?
Yes, of course!
$ sudo systemctl stop tlwebaccess
$ sudo systemctl disable tlwebaccess