Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 27 Jun 2002 06:54:35 -0500
From:      D J Hawkey Jr <hawkeyd@visi.com>
To:        "Nickolay A. Kritsky" <nkritsky@internethelp.ru>
Cc:        Steve Ames <steve@energistic.com>, Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@FreeBSD.ORG
Subject:   Re: CERT (Was: Re: NUTS! "Much ado about nothing" -- I need a clearer up or down)
Message-ID:  <20020627065435.A3772@sheol.localdomain>
In-Reply-To: <88624007.20020627130948@internethelp.ru>; from nkritsky@internethelp.ru on Thu, Jun 27, 2002 at 01:09:48PM %2B0400
References:  <UqmS8.2068$eH2.1608821@ruti.visi.com> <200206261711.g5QHB9t00396@sheol.localdomain> <xzpr8itxzgm.fsf@flood.ping.uio.no> <20020626210055.A2065@sheol.localdomain> <20020627022949.GA55324@energistic.com> <20020626214957.A2165@sheol.localdomain> <88624007.20020627130948@internethelp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Jun 27, at 01:09 PM, Nickolay A. Kritsky wrote:
> 
> DJHJ> See below for some observations. For brevity's sake, I've snipped irrelevant
> DJHJ> text.
> 
> for brevity's sake I've snipped even more
> 
> <snip>
> 
> >> Disable PAM authentication via interactive keyboard
> >> 
> >>    [SNIP]
> >> 
> >>           PAMAuthenticationViaKbdInt no
> 
> DJHJ> No such animal with the OpenSSH version in RELENG_4_5.
> 
> I don't know which version of OpenSSH is used in RELENG_4_5, but for
> those of you, who run OpenSSH_2.9.9p2, this is what you should know:
> such option exists, and according to man page is turned off by
> default.

OpenSSH in RELENG_4_5 (FreeBSD 4.5-RELEASE[-pN]) is OpenSSH_2.9.
To reiterate, all that has to be done for this version is turn off
"ChallengeResponseAuthentication".

> ; NKritsky

Dave

-- 
  ______________________                         ______________________
  \__________________   \    D. J. HAWKEY JR.   /   __________________/
     \________________/\     hawkeyd@visi.com    /\________________/
                      http://www.visi.com/~hawkeyd/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020627065435.A3772>