Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Apr 2002 09:34:52 +1000
From:      Joshua Goodall <joshua@roughtrade.net>
To:        Jordan Hubbard <jkh@winston.freebsd.org>
Cc:        hackers@freebsd.org
Subject:   Re: Erm, since everyone managed to HIJACK my sshd thread! ;)
Message-ID:  <20020423233452.GC86692@roughtrade.net>
In-Reply-To: <13903.1019592309@winston.freebsd.org>
References:  <tlambert2@mindspring.com> <3CC5AF54.8FB22B16@mindspring.com> <13903.1019592309@winston.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
We have an openssh maintainer?

Right now, policy differs between branches. releng_4's openssh gives
a commented alternative in the config, whilst head's gives a commented
default.


A consistent change to -stable would be:

Index: servconf.c
===================================================================
RCS file: /cvs/src/crypto/openssh/servconf.c,v
retrieving revision 1.3.2.11
diff -u -u -r1.3.2.11 servconf.c
--- servconf.c	28 Sep 2001 01:33:34 -0000	1.3.2.11
+++ servconf.c	23 Apr 2002 23:20:43 -0000
@@ -207,7 +207,7 @@
 	if (options->kbd_interactive_authentication == -1)
 		options->kbd_interactive_authentication = 0;
 	if (options->challenge_reponse_authentication == -1)
-		options->challenge_reponse_authentication = 1;
+		options->challenge_reponse_authentication = 0;
 	if (options->permit_empty_passwd == -1)
 		options->permit_empty_passwd = 0;
 	if (options->use_login == -1)
Index: sshd_config
===================================================================
RCS file: /cvs/src/crypto/openssh/sshd_config,v
retrieving revision 1.4.2.6
diff -u -u -r1.4.2.6 sshd_config
--- sshd_config	28 Sep 2001 01:33:35 -0000	1.4.2.6
+++ sshd_config	23 Apr 2002 23:20:54 -0000
@@ -48,8 +48,8 @@
 PasswordAuthentication yes
 PermitEmptyPasswords no
 
-# Uncomment to disable s/key passwords 
-#ChallengeResponseAuthentication no
+# Uncomment to enable s/key passwords 
+#ChallengeResponseAuthentication yes
 
 # To change Kerberos options
 #KerberosAuthentication no


and against -current:


Index: servconf.c
===================================================================
RCS file: /cvs/src/crypto/openssh/servconf.c,v
retrieving revision 1.30
diff -u -u -r1.30 servconf.c
--- servconf.c	20 Apr 2002 09:26:43 -0000	1.30
+++ servconf.c	23 Apr 2002 23:18:01 -0000
@@ -212,7 +212,7 @@
 	if (options->kbd_interactive_authentication == -1)
 		options->kbd_interactive_authentication = 0;
 	if (options->challenge_response_authentication == -1)
-		options->challenge_response_authentication = 1;
+		options->challenge_response_authentication = 0;
 	if (options->permit_empty_passwd == -1)
 		options->permit_empty_passwd = 0;
 	if (options->use_login == -1)
Index: sshd_config
===================================================================
RCS file: /cvs/src/crypto/openssh/sshd_config,v
retrieving revision 1.19
diff -u -u -r1.19 sshd_config
--- sshd_config	2 Apr 2002 21:53:54 -0000	1.19
+++ sshd_config	23 Apr 2002 23:24:54 -0000
@@ -60,8 +60,8 @@
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
 
-# Change to no to disable s/key passwords
-#ChallengeResponseAuthentication yes
+# Change to yes to enable s/key passwords
+#ChallengeResponseAuthentication no
 
 # Kerberos options
 # KerberosAuthentication automatically enabled if keyfile exists


On Tue, Apr 23, 2002 at 01:05:09PM -0700, Jordan Hubbard wrote:
> FWIW, I agree with you, but I'm more interested in fixing this right
> now than I am in chasing the OpenSSH maintainers around with patches
> (unless we've already forked - have we?).  I'll also be happy to
> change this twice if it turns out that getting the change into OpenSSH
> is easier than I thought, but I don't want just having this be fixed
> contingent on that.
> 
> - Jordan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020423233452.GC86692>