Date: Thu, 25 Apr 2002 22:39:07 +1000 From: Joshua Goodall <joshua@roughtrade.net> To: Dag-Erling Smorgrav <des@ofug.org> Cc: Josef Karthauser <joe@tao.org.uk>, "Jordan K. Hubbard" <jkh@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh servconf.c sshd_config Message-ID: <20020425123907.GJ8927@roughtrade.net> In-Reply-To: <xzpvgagxaw6.fsf@flood.ping.uio.no> References: <200204250559.g3P5xrS51528@freefall.freebsd.org> <xzp662gyq1m.fsf@flood.ping.uio.no> <20020425113715.GB21335@genius.tao.org.uk> <xzpvgagxaw6.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 25, 2002 at 01:42:17PM +0200, Dag-Erling Smorgrav wrote: > Josef Karthauser <joe@tao.org.uk> writes: > > Can you find a better way of preventing this: > > > > genius% ssh dhcp59 > > otp-md5 228 dh6546 ext > > S/Key Password: > > otp-md5 170 dh0164 ext > > S/Key Password: > > otp-md5 170 dh0164 ext > > S/Key Password: > > joe@dhcp59.tao.org.uk's password: > > This is a bug in OpenSSH's S/Key code, which is not used in -CURRENT. > The problem you quote only affects -STABLE servers. > > > We shouldn't be doing S/Key by default. > > We don't in -CURRENT. See my post today in -hackers, which includes a better fix for -stable and agrees with you about -current. Incidentally the "S/Key Password:" prompt is misleading. These are libopie calls. Joshua To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020425123907.GJ8927>