Date: Wed, 12 Feb 2003 09:23:14 +0200 From: Willie Viljoen <will@unfoldings.net> To: freebsd-questions@freebsd.org Subject: Re: OpenSSH security hole on FreeBSD? Message-ID: <200302120923.14175.will@unfoldings.net> In-Reply-To: <20030211194457.A22618@mail.hitmedia.com> References: <20030211194457.A22618@mail.hitmedia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 12 February 2003 5:44, BSD baby wrote: > I install OpenSSH like this: > > cd /usr/ports/security/openssh-portable > make -DOPENSSH_OVERWRITE_BASE install > > That puts things here: > /usr/bin/ssh > /usr/sbin/sshd > /etc/ssh/sshd_config > > BUT... it seems to be IGNORING the sshd_config! > > TWO major security holes: > > #1 - It won't let me turn off passwords > (PasswordAuthentication no) > > #2 - It only requires I type the first 8 characters > of my password! (I use 16-character password.) > > > I don't have these problems on OpenBSD. > Any idea why they would be on FreeBSD? They shouldn't. Why are you using the ported version though? The version included in base is in many cases more secure than the version from ports, and it's been checked and poked with a stick by FreeBSD coders to make sure every thing is compatible, not to mention that it's properly PAMified (which the ports one doesn't seem to be) If you must have the latest version, rather get it from base and while you're at it, upgrade the rest of base too. Install the sources in /usr/src and use cvsup (in ports) to get the latest source, then follow instructions in /usr/src/UPDATING to upgrade your system. Will > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Willie Viljoen Freelance IT Consultant 214 Paul Kruger Avenue, Universitas Bloemfontein 9321 South Africa +27 51 522 15 60 +27 51 522 44 36 (after hours) +27 82 404 03 27 (mobile) will@unfoldings.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302120923.14175.will>