From nobody Thu Jun 16 13:38:59 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8097C8400B7 for ; Thu, 16 Jun 2022 13:39:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LP3DN0qsYz4sdb for ; Thu, 16 Jun 2022 13:39:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 35ED142AB for ; Thu, 16 Jun 2022 13:38:59 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 25GDcx4R015432 for ; Thu, 16 Jun 2022 13:38:59 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 25GDcxBl015431 for ports-bugs@FreeBSD.org; Thu, 16 Jun 2022 13:38:59 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 263045] security/openssh-portable: password configuration options are unclear Date: Thu, 16 Jun 2022 13:38:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1655386740; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cCtj/IMldqYbR2WFT+pIX7b/SdXn/sOH45FVyz9VwEA=; b=MdraEjydBYknieKFnCspLfBQr3KNvtnGsdHbMwor2t3OSTGwsL8FczVsc3pzBqFp8jDHcw tWo0HRBbkndPm5hk3zP0bloGC4E95mOEnbVMPalNM/ZE9lw9Z4Cug8YGgUfCmZhTws9hy7 xp4WZestLF2pdHH0CHI8Ms47VbHMAhyWOLWZvavunMgw0OmjHLmkg7pH+C4uZKFFqIV2BR FUzn6655I1hHUas2hv3QpHtlsnObZAr0c4FZ4VwnL7x61FtlKd/f5l6UL2NwtWqAjvpl2+ a5p337xpj47CbIe7aPAI6ATsEVLQXY1r1zmnA+gJ/NJ7Yt6zvS4pOAiQ1sFBfQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1655386740; a=rsa-sha256; cv=none; b=kgBlG7UN1JiIQQ7SXYQaYGmBAR75i8JDbB6HW5fwz7aHiflfG2smByCZIG5hRGZRRbviZ/ UvmAGSDP5wkIBfEqg3ooNuMx2TVKnYKmBQTvOieChEIwr238XKQQDMkRE7e8E1RATMnBng LN5vWT4nrM392R+RM5SwsuUcAPSez4/yqqGu93FTWgZ8PsT75YElJKVOfx1PaHZ06T/WBN 6TARQ+u+MAaJVQ+U2dN0J4OAtFQn+eVWttHHjSDWpRwA61dEVMcfyQLN14CQwPXJDBEq6+ wXF3xt6+tqEZmCo0Ptk5Xxz5e02VedrLhRQNHvukyN13kSN/ZW0j04djpXjp/w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D263045 --- Comment #17 from commit-hook@FreeBSD.org --- A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Da5e7c28b9b84b81bbb8a8242ae44cc073= b0103dc commit a5e7c28b9b84b81bbb8a8242ae44cc073b0103dc Author: Ed Maste AuthorDate: 2022-05-25 13:32:57 +0000 Commit: Ed Maste CommitDate: 2022-06-16 13:37:36 +0000 sshd_config: clarify password authentication options Passwords may be accepted by both the PasswordAuthentication and KbdInteractiveAuthentication authentication schemes. Add a reference to the latter in the description/comment for PasswordAuthentication, as it otherwise may seem that "PasswordAuthentication no" implies passwords will be disallowed. This situation should be clarified with more extensive documentation on the authentication schemes and configuration options, but that should be done in coordination with upstream OpenSSH. This is a minimal change that will hopefully clarify the situation without requiring an extensive local patch set. PR: 263045 Reviewed by: manu (earlier version) MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D35272 (cherry picked from commit 9f009e066f088e2c31442db31d2a85001040abfe) crypto/openssh/sshd_config | 1 + crypto/openssh/sshd_config.5 | 2 ++ 2 files changed, 3 insertions(+) --=20 You are receiving this mail because: You are the assignee for the bug.=