X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/9c696d0dd4f609cc48789fff0da7446d1f9c6f0d..c4186be7519e511cdcaa7b255a1c1314497fc668:/sshd_config.5

diff --git a/sshd_config.5 b/sshd_config.5
index 3e198dfa..aa7b7c7d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -305,10 +305,6 @@ To disable keepalives, the value should be set to
 .It Cm KerberosAuthentication
 Specifies whether Kerberos authentication is allowed.
 This can be in the form of a Kerberos ticket, or if
-.It Cm PAMAuthenticationViaKbdInt
-Specifies whether PAM challenge response authentication is allowed. This
-allows the use of most PAM challenge response authentication modules, but
-it will allow password authentication regardless of whether
 .Cm PasswordAuthentication
 is yes, the password provided by the user will be validated through
 the Kerberos KDC.
@@ -425,6 +421,12 @@ The probability increases linearly and all connection attempts
 are refused if the number of unauthenticated connections reaches
 .Dq full
 (60).
+.It Cm PAMAuthenticationViaKbdInt
+Specifies whether PAM challenge response authentication is allowed. This
+allows the use of most PAM challenge response authentication modules, but
+it will allow password authentication regardless of whether
+.Cm PasswordAuthentication
+is enabled.
 .It Cm PasswordAuthentication
 Specifies whether password authentication is allowed.
 The default is