Date: Wed, 10 Jul 2002 13:06:30 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: Dag-Erling Smorgrav <des@ofug.org>, current@freebsd.org Subject: Re: OPIE auth broken too (was Re: PasswordAuthentication not works in sshd) Message-ID: <3D2C93C6.349DFEEB@mindspring.com> References: <20020709124943.GA15259@nagual.pp.ru> <xzphej9jb3i.fsf@flood.ping.uio.no> <20020709133611.GA17322@nagual.pp.ru> <xzpd6txj93r.fsf@flood.ping.uio.no> <20020709164108.GA19075@nagual.pp.ru> <xzpr8icinnb.fsf@flood.ping.uio.no> <20020709232559.GA23499@nagual.pp.ru> <xzpd6tvj3h3.fsf@flood.ping.uio.no> <20020710115021.GA28478@nagual.pp.ru> <xzpznwzg4k0.fsf@flood.ping.uio.no> <20020710122357.GA29452@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
"Andrey A. Chernov" wrote: > On Wed, Jul 10, 2002 at 14:17:51 +0200, Dag-Erling Smorgrav wrote: > > "Andrey A. Chernov" <ache@nagual.pp.ru> writes: > > > Why what? Sysadmin allows PasswordAuthentication only. > > > > Why? > > Because he choose to not trust hosts keys which can be stolen especially > when not password-protected. Because it is documented way to configure > sshd. This scenario is very equivalent to normal Unix login procedure > excepting that passwords are not transferred as cleartext over the net. It > is most easy way for admin to teach end-users to use ssh without > (mis)dealing with hosts keys. I think he meant "Why doesn't it respect the "secure" flag on pty's in /etc/ttys, like all other conforming UNIX programs do?". -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D2C93C6.349DFEEB>