From owner-freebsd-current  Wed Jul 10  5:24:19 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1F98A37B400
	for <current@freebsd.org>; Wed, 10 Jul 2002 05:24:17 -0700 (PDT)
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1054743E5E
	for <current@freebsd.org>; Wed, 10 Jul 2002 05:24:16 -0700 (PDT)
	(envelope-from ache@pobrecita.freebsd.ru)
Received: from pobrecita.freebsd.ru (ache@localhost [127.0.0.1])
	by nagual.pp.ru (8.12.5/8.12.5) with ESMTP id g6ACO45C029551;
	Wed, 10 Jul 2002 16:24:12 +0400 (MSD)
	(envelope-from ache@pobrecita.freebsd.ru)
Received: (from ache@localhost)
	by pobrecita.freebsd.ru (8.12.5/8.12.5/Submit) id g6ACO1vs029550;
	Wed, 10 Jul 2002 16:24:02 +0400 (MSD)
	(envelope-from ache)
Date: Wed, 10 Jul 2002 16:23:59 +0400
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: current@freebsd.org
Subject: Re: OPIE auth broken too (was Re: PasswordAuthentication not works in sshd)
Message-ID: <20020710122357.GA29452@nagual.pp.ru>
References: <20020709124943.GA15259@nagual.pp.ru> <xzphej9jb3i.fsf@flood.ping.uio.no> <20020709133611.GA17322@nagual.pp.ru> <xzpd6txj93r.fsf@flood.ping.uio.no> <20020709164108.GA19075@nagual.pp.ru> <xzpr8icinnb.fsf@flood.ping.uio.no> <20020709232559.GA23499@nagual.pp.ru> <xzpd6tvj3h3.fsf@flood.ping.uio.no> <20020710115021.GA28478@nagual.pp.ru> <xzpznwzg4k0.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <xzpznwzg4k0.fsf@flood.ping.uio.no>
User-Agent: Mutt/1.5.1i
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

On Wed, Jul 10, 2002 at 14:17:51 +0200, Dag-Erling Smorgrav wrote:
> "Andrey A. Chernov" <ache@nagual.pp.ru> writes:
> > Why what? Sysadmin allows PasswordAuthentication only.
> 
> Why?

Because he choose to not trust hosts keys which can be stolen especially
when not password-protected. Because it is documented way to configure
sshd. This scenario is very equivalent to normal Unix login procedure
excepting that passwords are not transferred as cleartext over the net. It
is most easy way for admin to teach end-users to use ssh without
(mis)dealing with hosts keys.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message