Date: Thu, 26 Feb 2004 12:15:33 -0500 From: "Mike Jakubik" <mikej@rogers.com> To: =?iso-8859-1?Q?'Dag-Erling_Sm=F8rgrav'?= <des@des.no> Cc: current@freebsd.org Subject: RE: sshd_config 1.35 commit Message-ID: <20040226171444.ILLR435635.fep04-mail.bloor.is.net.cable.rogers.com@win2000> In-Reply-To: <xzpfzcy12wa.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-current@freebsd.org > [mailto:owner-freebsd-current@freebsd.org] On Behalf Of > Dag-Erling Smørgrav > Sent: Thursday, February 26, 2004 6:44 AM > To: Mike Jakubik > Cc: current@freebsd.org > Subject: Re: sshd_config 1.35 commit > > "Mike Jakubik" <mikej@rogers.com> writes: > > I have built world recently, only to find out I cant > log into my > > server via ssh anymore. Am I the only one that thinks disabling > > password authentication in default sshd is a stupid idea? > > Yes. Password authentication allows the client to circumvent > PAM policies. If your client doesn't support > keyboard-interactive, get a better client (hint: putty). > > DES When choosing ssh v2 and keyboard-interactive authentication in SecureCRT I have to enter the password twice (it doesn’t work the first time) and I can not save the password. You think this is better than the old behavior? What better ssh software is there than SecureCRT? I don’t like putty. I'm not going to memorize all my clients logins, and waste time typing them in. It’s a pain in the ass and a waste of time. How come this PAM circumvention wasn’t a problem before? We've always been using password logins.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040226171444.ILLR435635.fep04-mail.bloor.is.net.cable.rogers.com>