Date: Mon, 22 Apr 2002 19:51:01 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: Andrew <andrew@ugh.net.au> Cc: Jordan Hubbard <jkh@winston.freebsd.org>, hackers@freebsd.org Subject: Re: ssh + compiled-in SKEY support considered harmful? Message-ID: <3CC4CC15.6DED09F8@mindspring.com> References: <20020423113925.N45031-100000@starbug.ugh.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew wrote:
> On Mon, 22 Apr 2002, Jordan Hubbard wrote:
> > We at Apple are noticing a strange problem with newer versions of
> > ssh (which has been upgraded to OpenSSH_3.1p1) and FreeBSD 4.5-STABLE's
> > sshd. This problem did not occur with our older ssh, but it also does not
>
> It's just your settings. Issues like this really belong on -questions ;-)
>
> You can put "ChallengeResponseAuthentication no" into ssh{,d}_config on
> either end.
I beg to differ.
When the default behaviour is changed, the dicussion belongs here,
since here is where the proplr who live who can change it back to
The Way It Is Supposed To Be By Default(tm).
IMO, you should have to:
"Add ``ChallengeResponseAuthentication yes'' to get the
new behaviour"
NOT:
"Add ``ChallengeResponseAuthentication no'' to get the
historical behaviour"
It's really damn annoying. Maybe the intention was to subtlely
harass people who put passwords challenge/response pairs into
shell scripts, but the effect has been to unsubtlely harass
people who wire their typing of passwords into their medulla.
-- Terry
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CC4CC15.6DED09F8>