From owner-freebsd-stable Sun Aug 4 21:45:29 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5626537B405 for ; Sun, 4 Aug 2002 21:45:21 -0700 (PDT) Received: from sante.techgodz.com (mdsnwi13-vlan436-120.dsl.tds.net [66.222.30.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B2C943E4A for ; Sun, 4 Aug 2002 21:45:20 -0700 (PDT) (envelope-from sephtin@techgodz.com) Received: from jer021p2 (unknown [192.168.1.8]) by sante.techgodz.com (Postfix) with SMTP id 3C5AA3E; Fri, 2 Aug 2002 12:00:24 -0500 (CDT) Message-ID: <002e01c23a46$1c3bd480$be22410a@amfam.com> From: "John" To: Cc: "Thomas Seck" References: <20020718041640.GA169@leafy.idv.tw> <20020718093542.Q53886-100000@www.mmlab.cse.yzu.edu.tw> <200207180204.g6I244Je000390@drugs.dv.isc.org> <20020718041640.GA169@leafy.idv.tw> <1026966873.18062.26.camel@chowder.gsoft.com.au> <5.1.1.6.2.20020731075139.022604e8@194.184.65.7> <20020731111228.B93345@veverka.sh.cvut.cz> <007001c23882$d5c72fa0$0b64a8c0@pootah> <000701c23959$3ae2a640$0b64a8c0@pootah> <20020801193220.GA1052@laurel.tmseck.homedns.org> Subject: Re: SSHD for protocol version 2 changed? Date: Fri, 2 Aug 2002 12:00:31 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG For the second time since vers. 4.4, I let mergemaster overwrite my sshd_config file (since the file has changed quite a bit)... Then I started getting the problem with putty. So I did a diff on the files, and found that changing one line in my sshd_config file fixes the issue. The default sshd_config file contains: # change to no to disable PAM authentication #ChallengeResponseAuthentication yes I simply changed it to read: # change to no to disable PAM authentication ChallengeResponseAuthentication no It fixes putty... which allows me to connect from work. Can someone tell me what security I'm giving up by doing this? Thanks! John (Still a FreeBSD Newb). ----- Original Message ----- From: "Thomas Seck" To: Sent: Thursday, August 01, 2002 2:32 PM Subject: Re: SSHD for protocol version 2 changed? > * Rob B (rbyrnes@ozemail.com.au): > > > A question was raised in this thread about what triggers the illegal > > operation in PuTTY when connecting. > > > > Compression OFF + Keyboard interactive OFF = OK > > Compression ON + Keyboard interactive OFF = OK > > Compression OFF + Keyboard interactive ON = dead PuTTY > > Compression ON + Keyboard interactive ON = dead PuTTY > > Strange, I tried but I cannot confirm this. > > PuTTY 0.52 on Windows XP against OpenSSH 3.4p1 FreeBSD-20020702 from a > system built on July 20 works fine here with every combination of > authentication method, compression, encryption algorithm, and "Keyboard > Interactive"-ness I could think of. > > > So as I stated in a previous mail - it doesn't matter whether you use > > comperession on the ssh session, it's the keyboard interactive bit that > > kills PuTTY. > > Hm, not here. Seems to be a bit more complicated. > > -- > Thomas Seck > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message