Date: Fri, 26 Jan 2001 14:06:55 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Matt Dillon <dillon@earth.backplane.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: OpenSSH b0rked (was RE: Problems with IPFW patch) Message-ID: <20010126140655.A85658@citusc17.usc.edu> In-Reply-To: <200101262153.f0QLrLL40016@earth.backplane.com>; from dillon@earth.backplane.com on Fri, Jan 26, 2001 at 01:53:21PM -0800 References: <NDBBJJFIKLHBJCFDIOKGEEKHCAAA.kupek@earthlink.net> <FDEEKLDJMPFBCBKOEEINCEIGCKAA.scott@link-net.com> <20010124230626.A49802@citusc17.usc.edu> <20010125103255.A78404@FreeBSD.org> <200101262153.f0QLrLL40016@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--n8g4imXOkfNTN/H1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jan 26, 2001 at 01:53:21PM -0800, Matt Dillon wrote: > :I would ask, that in -STABLE at least, the fatal error be backed > :out to a warning, at least for a few months (with sshd ignoring the > :directive, and continuing to run), and then only move to a fatal > :error + die. > : > :-aDe > : > :--=20 > :Ade Lovett, Austin, TX. ade@FreeBSD.org > :FreeBSD: The Power to Serve http://www.FreeBSD.org/ >=20 > I second this request. It also happened when pam.conf/ssh changed. > Only the serial console saved me from a car trip to one of my > colocated machines. Two such changes in a row for ssh is too much. Well, *that* one was unavoidable; sshd now uses PAM by default. You must have tried hard to not notice the upgrade requirement; it was documented in the commit log, on the mailing lists, in /usr/src/UPDATING and would have been caught by mergemaster if you had run it after your build. Kris P.S. green is doing OpenSSH thesedays, he's the person you need to speak to if you have suggestions. --=20 NOTE: To fetch an updated copy of my GPG key which has not expired, finger kris@FreeBSD.org --n8g4imXOkfNTN/H1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6cfT+Wry0BWjoQKURAv7eAKC8OKS3HxkwnU6xnPQRso6pz6znGACgnsDt qYbyQHFXfbth/kLER57EvrM= =xlMS -----END PGP SIGNATURE----- --n8g4imXOkfNTN/H1-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010126140655.A85658>