From owner-freebsd-stable Wed Oct 3 8:44:51 2001 Delivered-To: freebsd-stable@freebsd.org Received: from raven.ravenbrook.com (raven.ravenbrook.com [193.82.131.18]) by hub.freebsd.org (Postfix) with ESMTP id 1689A37B406 for ; Wed, 3 Oct 2001 08:44:48 -0700 (PDT) Received: from thrush.ravenbrook.com (thrush.ravenbrook.com [193.112.141.249]) by raven.ravenbrook.com (8.11.6/8.11.3) with ESMTP id f93Fih032427 for ; Wed, 3 Oct 2001 16:44:43 +0100 (BST) (envelope-from nb@ravenbrook.com) Received: from thrush.ravenbrook.com (localhost [127.0.0.1]) by thrush.ravenbrook.com (8.11.4/8.11.2) with ESMTP id f93Fhdx99748 for ; Wed, 3 Oct 2001 16:43:40 +0100 (BST) (envelope-from nb@thrush.ravenbrook.com) From: Nick Barnes To: freebsd-stable@freebsd.org Subject: sshd: requiring password _and_ RSA authentication Date: Wed, 03 Oct 2001 16:43:39 +0100 Message-ID: <99746.1002123819@thrush.ravenbrook.com> Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG One of our servers used to run FreeBSD 2.2.8 with SSH 2 built from /usr/ports/security/ssh2. I'm not sure exactly which version of SSH this was. We had sshd configured to require both a password and RSA (or maybe DSA) authentication. I've upgraded the machine to FreeBSD 4.4-RELENG. The sshd which comes with this is "OpenSSH_2.3.0 FreeBSD localisations 20010713". The config file was quite different; presumably the previous version was not OpenSSH. I can't figure out how to configure this to require both a password and a shared secret. Is it possible? (RSA authentication only is fine if your laptops never get stolen or left unattended...). Nick B To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message