Date: Wed, 26 Jun 2002 14:34:06 -0700 From: Darren Pilgrim <dmp@pantherdragon.org> To: freebsd-security@freebsd.org Subject: Now I'm really confused! Message-ID: <3D1A334E.40076AD0@pantherdragon.org>
next in thread | raw e-mail | index | archive | help
I know a great deal of you are utterly sick and tired with the whole OpenSSH fiasco. I am too, but I'm also really confused, and now worried about the security of my machine. I upgraded OpenSSH to 3.3p1 only to be told that the stock version I had wasn't vulnerable. I've also now been told that "ChallengeResponseAuthentication no" in my sshd_config is the real workaround. My question(s): With v3.3p1, and "ChallengeResponseAuthentication no" in /etc/ssh/sshd_config, from a security standpoint, am I better off, worse off, or at about the same level that I was at with the stock 4.5-R sshd? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D1A334E.40076AD0>