From owner-freebsd-security@FreeBSD.ORG Thu Feb 26 07:38:17 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC69316A4CE for ; Thu, 26 Feb 2004 07:38:17 -0800 (PST) Received: from smtp3b.sentex.ca (smtp3b.sentex.ca [205.211.164.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 85C8343D3F for ; Thu, 26 Feb 2004 07:38:17 -0800 (PST) (envelope-from mike@sentex.net) Received: from avscan1.sentex.ca (avscan1.sentex.ca [199.212.134.11]) by smtp3b.sentex.ca (8.12.10/8.12.10) with ESMTP id i1QFbk3Z034853; Thu, 26 Feb 2004 10:37:51 -0500 (EST) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by avscan1.sentex.ca (8.12.10/8.12.10) with ESMTP id i1QFc9xa029604; Thu, 26 Feb 2004 10:38:09 -0500 (EST) (envelope-from mike@sentex.net) Received: from simian.sentex.net ([192.168.43.27]) by lava.sentex.ca (8.12.9p2/8.12.9) with ESMTP id i1QFc7Za011025; Thu, 26 Feb 2004 10:38:07 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <6.0.3.0.0.20040226103723.07f24f98@209.112.4.2> X-Sender: mdtpop@209.112.4.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.0.3.0 Date: Thu, 26 Feb 2004 10:38:11 -0500 To: des@des.no (Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= ) From: Mike Tancsa In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: by amavisd-new cc: security@freebsd.org Subject: Re: HEADS UP: OpenSSH 3.8p1 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Feb 2004 15:38:17 -0000 Hi, Are there plans to MFC 3.8 as well as the new sshd_config defaults to=20 RELENG_4 ? ---Mike At 06:30 AM 26/02/2004, Dag-Erling Sm=F8rgrav wrote: >Take the usual precautions when upgrading. > >Also note that I have changed some configuration defaults: the server >no longer accepts protocol version 1 nor password authentication by >default. If your ssh client does not support ssh protocol version 2 >or keyboard-interactive authentication, the recommended measures are: > > 1) get a better client > 2) get a better client (I mean it) > 3) get a better client (for real this time!) > >and as a last resort > > 4) enable procol version 1 and password authentication in sshd_config > >DES >-- >Dag-Erling Sm=F8rgrav - des@des.no >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"