Date: Wed, 24 Apr 2002 21:50:46 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: Jordan Hubbard <jkh@winston.freebsd.org> Cc: hackers@freebsd.org Subject: Re: Erm, since everyone managed to HIJACK my sshd thread! ;) Message-ID: <Pine.NEB.3.96L.1020424214955.55944N-100000@fledge.watson.org> In-Reply-To: <200204231839.g3NId1UR013639@winston.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Sigh. I responded privately, but I see a plethora of mis-informed response also. Please commit the fix to the S/Key code, rather than disabling challenge response protocol behavior. There's nothing wrong with supporting the challenge/response parts of the protocol, and it's even desirable from a PAM perspective. Go fix it properly. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Tue, 23 Apr 2002, Jordan Hubbard wrote: > I'm going to commit the following in 48 hours unless someone can > convince me that it's a good idea for FreeBSD to be the odd-OS out > with respect to this behavior: > > Index: sshd_config > =================================================================== > RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v > retrieving revision 1.4.2.6 > diff -u -r1.4.2.6 sshd_config > --- sshd_config 28 Sep 2001 01:33:35 -0000 1.4.2.6 > +++ sshd_config 23 Apr 2002 18:38:01 -0000 > @@ -48,8 +48,8 @@ > PasswordAuthentication yes > PermitEmptyPasswords no > > -# Uncomment to disable s/key passwords > -#ChallengeResponseAuthentication no > +# Comment out to enable s/key passwords > +ChallengeResponseAuthentication no > > # To change Kerberos options > #KerberosAuthentication no > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020424214955.55944N-100000>