Date: Fri, 18 Jan 2002 10:49:39 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: green@FreeBSD.org Cc: qa@FreeBSD.org Subject: Re: s/key! (fwd) Message-ID: <Pine.NEB.3.96L.1020118104855.23003J-101000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-1606206787-1011368979=:23003 Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.NEB.3.96L.1020118104855.23003L@fledge.watson.org> Would it make sense to modify the default here so as to avoid violating POLA? If S/Key is not configured, it seems like there really shouldn't be S/Key challenges. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services ---------- Forwarded message ---------- Date: Thu, 17 Jan 2002 14:58:18 +0100 From: Stijn Hoop <stijn@win.tue.nl> To: Randy Bush <randy@psg.com> Cc: freebsd-security@freebsd.org Subject: Re: s/key! On Thu, Jan 17, 2002 at 05:50:54AM -0800, Randy Bush wrote: > i have never done anything wish s/key on either host. why am i getting > this? (both quite recent -stable) > > ns0.psg.com:/usr/local/src/distfiles# rsy randy@rip.psg.com:bind-9.2.0.tar.gz . > otp-md5 3 ri5788 ext > S/Key Password: This has bitten me before as well. Recent -STABLE turns S/Key on by default in /etc/ssh/sshd_config. Uncomment the line: # ChallengeResponseAuthentication no to disable S/Key again. HTH, --Stijn -- "I'm not under the alkafluence of inkahol that some thinkle peep I am. It's just the drunker I sit here the longer I get." --0-1606206787-1011368979=:23003 Content-Type: APPLICATION/PGP-SIGNATURE Content-ID: <Pine.NEB.3.96L.1020118104855.23003M@fledge.watson.org> Content-Description: -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8Rth6Y3r/tLQmfWcRAm0qAJ0ftUGO/0NvEbX0gm6gBeoetLRHuwCfYMuG ZhmgGlxuZtJ9fr4jCe3LSFk= =/rj7 -----END PGP SIGNATURE----- --0-1606206787-1011368979=:23003-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-qa" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020118104855.23003J-101000>