Enable PAM authentication

Set this to enable PAM authentication, account processing, and session processing.
If this is enabled, PAM authentication will be allowed through the ChallengeResponseAuthentication mechanism.
Depending on your PAM configuration, this may bypass the setting of PasswordAuthentication, PermitEmptyPasswords, and "PermitRootLogin without-password".
If you just want the PAM account and session checks to run without PAM authentication, then enable this but disable ChallengeResponseAuthentication

Supported on:

Registry PathSoftware\Policies\Centrify\ssh
Value NameUsePAM
Value TypeREG_SZ
Enabled Valueyes
Disabled Valueno


Make sure the OpenSSH version is supported. Setting this

property on an unsupported version will render the OpenSSH

server unable to start.


Administrative Templates (Computers)

Administrative Templates (Users)