Date: Wed, 11 Nov 2015 18:04:40 +0000 (UTC) From: Bryan Drewery <bdrewery@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r401289 - head/security/openssh-portable Message-ID: <201511111804.tABI4eGN092330@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bdrewery Date: Wed Nov 11 18:04:40 2015 New Revision: 401289 URL: https://svnweb.freebsd.org/changeset/ports/401289 Log: Update advice to disable ChallengeResponseAuthentication for key usage. PR: 204475 Reported by: Mark.Martinec@ijs.si Modified: head/security/openssh-portable/Makefile head/security/openssh-portable/pkg-message Modified: head/security/openssh-portable/Makefile ============================================================================== --- head/security/openssh-portable/Makefile Wed Nov 11 17:40:45 2015 (r401288) +++ head/security/openssh-portable/Makefile Wed Nov 11 18:04:40 2015 (r401289) @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 7.1p1 -PORTREVISION= 2 +PORTREVISION= 3 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= OPENBSD/OpenSSH/portable Modified: head/security/openssh-portable/pkg-message ============================================================================== --- head/security/openssh-portable/pkg-message Wed Nov 11 17:40:45 2015 (r401288) +++ head/security/openssh-portable/pkg-message Wed Nov 11 18:04:40 2015 (r401289) @@ -11,5 +11,6 @@ OpenSSH port, and if truly necessary, re by readjusting this option in your sshd_config. Users are encouraged to create single-purpose users with ssh keys, disable -Password auth with 'PasswordAuthentication no' and define very narrow sudo +Password authentication by setting 'PasswordAuthentication no' and +'ChallengeResponseAuthentication no', and to define very narrow sudo privileges instead of using root for automated tasks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201511111804.tABI4eGN092330>