From owner-freebsd-current@FreeBSD.ORG  Wed Feb 25 23:02:47 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5C68016A4CE
	for <current@freebsd.org>; Wed, 25 Feb 2004 23:02:47 -0800 (PST)
Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za
	[146.64.24.58])	by mx1.FreeBSD.org (Postfix) with ESMTP id 4A6C143D2F
	for <current@freebsd.org>; Wed, 25 Feb 2004 23:02:45 -0800 (PST)
	(envelope-from jhay@zibbi.icomtek.csir.co.za)
Received: from zibbi.icomtek.csir.co.za (localhost [127.0.0.1])
	i1Q72giE072972;	Thu, 26 Feb 2004 09:02:42 +0200 (SAST)
	(envelope-from jhay@zibbi.icomtek.csir.co.za)
Received: (from jhay@localhost)i1Q72geh072971;
	Thu, 26 Feb 2004 09:02:42 +0200 (SAST)	(envelope-from jhay)
Date: Thu, 26 Feb 2004 09:02:42 +0200
From: John Hay <jhay@icomtek.csir.co.za>
To: current@freebsd.org
Message-ID: <20040226070242.GA72677@zibbi.icomtek.csir.co.za>
References:
	<20040226061844.QTXI189272.fep03-mail.bloor.is.net.cable.rogers.com@win2000>
	<20040226062424.GA70471@zibbi.icomtek.csir.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040226062424.GA70471@zibbi.icomtek.csir.co.za>
User-Agent: Mutt/1.4.1i
cc: Mike Jakubik <mikej@rogers.com>
Subject: Re: sshd_config 1.35 commit
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Feb 2004 07:02:47 -0000

On Thu, Feb 26, 2004 at 08:24:25AM +0200, John Hay wrote:
> > 
> > 	I have built world recently, only to find out I cant log into my
> > server via ssh anymore. Am I the only one that thinks disabling password
> > authentication in default sshd is a stupid idea? I think this is a pain in
> > the ass, like the 'no root login' option wasn't enough. A nice heads up or
> > entry in UPDATING would have been nice, so people don't get locked out after
> > updating.
> 
> I agree with you, it has bitten me already too. :-((( My vote would be
> for backing it out.

Replying to myself, maybe it isn't so bad and an entry to UPDATING might
be enough. In my case I had to add an

PreferredAuthentications publickey,password

entry to .ssh/config a while back because otherwise I couldn't log in
to some older machines. It looks like adding keyboard-interactive at
the end of that line fix my problems.

John
-- 
John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org