From owner-freebsd-current@FreeBSD.ORG  Thu Feb 26 09:39:35 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DD85316A4CE
	for <current@freebsd.org>; Thu, 26 Feb 2004 09:39:35 -0800 (PST)
Received: from smtp.des.no (flood.des.no [217.116.83.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6F3F643D1F
	for <current@freebsd.org>; Thu, 26 Feb 2004 09:39:35 -0800 (PST)
	(envelope-from des@des.no)
Received: by smtp.des.no (Pony Express, from userid 666)
	id 1338E5309; Thu, 26 Feb 2004 18:39:34 +0100 (CET)
Received: from dwp.des.no (des.no [80.203.228.37])
	by smtp.des.no (Pony Express) with ESMTP
	id 998615308; Thu, 26 Feb 2004 18:39:26 +0100 (CET)
Received: by dwp.des.no (Postfix, from userid 2602)
	id 174C433C71; Thu, 26 Feb 2004 18:39:26 +0100 (CET)
To: "Mike Jakubik" <mikej@rogers.com>
References: <20040226171444.ILLR435635.fep04-mail.bloor.is.net.cable.rogers.com@win2000>
From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
Date: Thu, 26 Feb 2004 18:39:25 +0100
In-Reply-To:
	<20040226171444.ILLR435635.fep04-mail.bloor.is.net.cable.rogers.com@win2000>
	(Mike Jakubik's message of "Thu, 26 Feb 2004 12:15:33 -0500")
Message-ID: <xzpsmgxloz6.fsf@dwp.des.no>
User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on flood.des.no
X-Spam-Level: 
X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.63
cc: current@freebsd.org
Subject: Re: sshd_config 1.35 commit
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Feb 2004 17:39:36 -0000

"Mike Jakubik" <mikej@rogers.com> writes:
> When choosing ssh v2 and keyboard-interactive authentication in SecureCRT=
 I
> have to enter the password twice (it doesnt work the first time) and I can
> not save the password. You think this is better than the old behavior?

The old behaviour is to allow clients to bypass the PAM policy.

>                                                                        Wh=
at
> better ssh software is there than SecureCRT? I dont like putty.

That's your problem.

>                                                                  I'm not
> going to memorize all my clients logins, and waste time typing them in. I=
ts
> a pain in the ass and a waste of time. How come this PAM circumvention

I agree.  That's why I use key authentication.  Maybe you should too.

>                                        How come this PAM circumvention
> wasnt a problem before?

It's always been a problem, for as long as OpenSSH has supported PAM.

DES
--=20
Dag-Erling Sm=F8rgrav - des@des.no