Set this to enable PAM authentication, account processing, and session processing.
If this is enabled, PAM authentication will be allowed through the ChallengeResponseAuthentication mechanism.
Depending on your PAM configuration, this may bypass the setting of PasswordAuthentication, PermitEmptyPasswords, and "PermitRootLogin without-password".
If you just want the PAM account and session checks to run without PAM authentication, then enable this but disable ChallengeResponseAuthentication
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\ssh |
Value Name | UsePAM |
Value Type | REG_SZ |
Enabled Value | yes |
Disabled Value | no |
NOTICE:
Make sure the OpenSSH version is supported. Setting this
property on an unsupported version will render the OpenSSH
server unable to start.