Date: Mon, 22 Apr 2002 19:01:21 -0700 From: Jordan Hubbard <jkh@winston.freebsd.org> To: Oscar Bonilla <obonilla@galileo.edu> Cc: Anthony Schneider <aschneid@mail.slc.edu>, Mike Meyer <mwm-dated-1019955884.8b118e@mired.org>, hackers@FreeBSD.ORG Subject: Re: ssh + compiled-in SKEY support considered harmful? Message-ID: <11531.1019527281@winston.freebsd.org> In-Reply-To: Message from Oscar Bonilla <obonilla@galileo.edu> of "Mon, 22 Apr 2002 19:44:41 MDT." <20020422194441.A17469@galileo.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
That would be my question as well, especially since "everyone else" seems to use that default. Thanks to all who responded, and so quickly at that - this at least clarified the situation (and gave me a way out!). - Jordan > shouldn't the default be no skey? > > On Mon, Apr 22, 2002 at 09:41:20PM -0400, Anthony Schneider wrote: > > On Mon, Apr 22, 2002 at 08:04:43PM -0500, Mike Meyer wrote: > > > In <200204230039.g3N0dQ8i011313@winston.freebsd.org>, Jordan Hubbard <jkh @winston.freebsd.org> typed: > > > > My question: Who's "wrong" here, FreeBSD or Mac OS X? If the latter, > > > > > > Someone decided that FreeBSD should do challengeresponse > > > authentication by default. You can fix it by uncommenting the line > > > "#ChallengeResponseAuthentication no" in /etc/ssh/sshd_config. > > > > > > > that's what fixxed it for me, too. > > SkeyAuthentication no also does it. :) > > -Anthony. > > > > ----------------------------------------------- > > PGP key at: > > http://www.keyserver.net/ > > http://www.anthonydotcom.com/gpgkey/key.txt > > Home: > > http://www.anthonydotcom.com > > ----------------------------------------------- > > > > > > -- > pgp fingerprint: BC64 2E7A CAEF 39E1 9544 80CA F7D5 784D FB46 16C1 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11531.1019527281>