From owner-freebsd-hackers Tue Apr 23 13: 6: 1 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from winston.freebsd.org (adsl-64-173-15-98.dsl.sntc01.pacbell.net [64.173.15.98]) by hub.freebsd.org (Postfix) with ESMTP id 5BCAE37B425 for ; Tue, 23 Apr 2002 13:05:12 -0700 (PDT) Received: from winston.freebsd.org (jkh@localhost [127.0.0.1]) by winston.freebsd.org (8.12.2/8.12.2) with ESMTP id g3NK597W013904; Tue, 23 Apr 2002 13:05:09 -0700 (PDT) (envelope-from jkh@winston.freebsd.org) To: Terry Lambert Cc: hackers@freebsd.org Subject: Re: Erm, since everyone managed to HIJACK my sshd thread! ;) In-Reply-To: Message from Terry Lambert of "Tue, 23 Apr 2002 12:00:36 PDT." <3CC5AF54.8FB22B16@mindspring.com> Date: Tue, 23 Apr 2002 13:05:09 -0700 Message-ID: <13903.1019592309@winston.freebsd.org> From: Jordan Hubbard Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG FWIW, I agree with you, but I'm more interested in fixing this right now than I am in chasing the OpenSSH maintainers around with patches (unless we've already forked - have we?). I'll also be happy to change this twice if it turns out that getting the change into OpenSSH is easier than I thought, but I don't want just having this be fixed contingent on that. - Jordan > Jordan Hubbard wrote: > > I'm going to commit the following in 48 hours unless someone can > > convince me that it's a good idea for FreeBSD to be the odd-OS out > > with respect to this behavior: > > [ ... ] > > > -# Uncomment to disable s/key passwords > > -#ChallengeResponseAuthentication no > > +# Comment out to enable s/key passwords > > +ChallengeResponseAuthentication no > > IMO, the default, in the absence of an option, should be "no". > > So the patch should both set the default in the source code, and > change the file, like so: > > -# Uncomment to disable s/key passwords > -#ChallengeResponseAuthentication no > +# Uncomment to enable s/key passwords > +#ChallengeResponseAuthentication yes > > -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message