From owner-freebsd-security  Mon Dec  3 18:54:17 2001
Delivered-To: freebsd-security@freebsd.org
Received: from shemp.palomine.net (shemp.palomine.net [216.135.64.135])
	by hub.freebsd.org (Postfix) with SMTP id 8F38737B417
	for <security@freebsd.org>; Mon,  3 Dec 2001 18:54:14 -0800 (PST)
Received: (qmail 88786 invoked by uid 1000); 4 Dec 2001 02:54:13 -0000
Date: Mon, 3 Dec 2001 21:54:13 -0500
From: Chris Johnson <cjohnson@palomine.net>
To: Holtor <holtor@yahoo.com>
Cc: security@freebsd.org
Subject: Re: OpenSSH Vulnerability
Message-ID: <20011203215413.A88761@palomine.net>
References: <20011203213708.A88390@palomine.net> <20011204024718.74912.qmail@web11601.mail.yahoo.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="n8g4imXOkfNTN/H1"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011204024718.74912.qmail@web11601.mail.yahoo.com>; from holtor@yahoo.com on Mon, Dec 03, 2001 at 06:47:18PM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--n8g4imXOkfNTN/H1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Dec 03, 2001 at 06:47:18PM -0800, Holtor wrote:
> It is enabled here:
>=20
> /usr/src/crypto/openssh/sshd_config
>=20
> Thats the only sshd_config in /usr/src besides the one in picobsd so I fi=
gure
> its what should be used when upgrading a system. I don't think mergemaster
> updates anything in /etc/ssh because nothing exists in /usr/src/etc/ssh --
> probably am wrong though.

Ahh... I was looking at a 4.4-RELEASE box, where it's not enabled. On my
4.4-STABLE boxes it appears that it is.

> Just wondering also how people go about updating their sshd_config. I know
> there was many changes when freebsd changed from openssh 2.3.0 to openssh
> 2.9.

Chris

--n8g4imXOkfNTN/H1
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8DDrVyeUEMvtGLWERAhZ/AJ9MwFpouUogcUFkaLo9yUfE45QqMgCgu51G
loEZkyc3AP4QICxhtnEgAcc=
=oBhO
-----END PGP SIGNATURE-----

--n8g4imXOkfNTN/H1--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message