Date: Tue, 16 Aug 2005 17:04:36 +1000 From: Joel Hatton <joel@auscert.org.au> To: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) Cc: freebsd-security@freebsd.org, freebsd-security@auscert.org.au Subject: Re: recompile sshd with OPIE? Message-ID: <200508160704.j7G74asm061949@app.auscert.org.au> In-Reply-To: Message from des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) of "Tue, 16 Aug 2005 08:49:28 %2B0200." <868xz2pe9z.fsf@xps.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> freebsd-security@auscert.org.au writes: > > This may sound like a really silly question, but how do I enable it? > > ChallengeResponseAuthentication Yes Aah - silly me - I always associated that with PAM. I'll try this asap - holiday tomorrow so in a day or two. > > There's no man[5] sshd_config entry, Sorry, I meant there's no mention of OPIE in man[5] sshd_config - as soon as I read my email I thought it could be misinterpreted :) > > but through trial and error I > > identified an option that doesn't cause an error: SkeyAuthentication yes > > Which FreeBSD version are you running? There is no such option in any > recent OpenSSH version, and unrecognized options should cause a fatal > error. 5.3Rp20 - I found this option just by random guessing, it didn't cause an error and the daemon started ok! Didn't work though... thanks very much, -- Joel Hatton -- Security Analyst | Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert@auscert.org.au
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508160704.j7G74asm061949>