Date: Wed, 24 Apr 2002 09:34:52 +1000 From: Joshua Goodall <joshua@roughtrade.net> To: Jordan Hubbard <jkh@winston.freebsd.org> Cc: hackers@freebsd.org Subject: Re: Erm, since everyone managed to HIJACK my sshd thread! ;) Message-ID: <20020423233452.GC86692@roughtrade.net> In-Reply-To: <13903.1019592309@winston.freebsd.org> References: <tlambert2@mindspring.com> <3CC5AF54.8FB22B16@mindspring.com> <13903.1019592309@winston.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
We have an openssh maintainer? Right now, policy differs between branches. releng_4's openssh gives a commented alternative in the config, whilst head's gives a commented default. A consistent change to -stable would be: Index: servconf.c =================================================================== RCS file: /cvs/src/crypto/openssh/servconf.c,v retrieving revision 1.3.2.11 diff -u -u -r1.3.2.11 servconf.c --- servconf.c 28 Sep 2001 01:33:34 -0000 1.3.2.11 +++ servconf.c 23 Apr 2002 23:20:43 -0000 @@ -207,7 +207,7 @@ if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 0; if (options->challenge_reponse_authentication == -1) - options->challenge_reponse_authentication = 1; + options->challenge_reponse_authentication = 0; if (options->permit_empty_passwd == -1) options->permit_empty_passwd = 0; if (options->use_login == -1) Index: sshd_config =================================================================== RCS file: /cvs/src/crypto/openssh/sshd_config,v retrieving revision 1.4.2.6 diff -u -u -r1.4.2.6 sshd_config --- sshd_config 28 Sep 2001 01:33:35 -0000 1.4.2.6 +++ sshd_config 23 Apr 2002 23:20:54 -0000 @@ -48,8 +48,8 @@ PasswordAuthentication yes PermitEmptyPasswords no -# Uncomment to disable s/key passwords -#ChallengeResponseAuthentication no +# Uncomment to enable s/key passwords +#ChallengeResponseAuthentication yes # To change Kerberos options #KerberosAuthentication no and against -current: Index: servconf.c =================================================================== RCS file: /cvs/src/crypto/openssh/servconf.c,v retrieving revision 1.30 diff -u -u -r1.30 servconf.c --- servconf.c 20 Apr 2002 09:26:43 -0000 1.30 +++ servconf.c 23 Apr 2002 23:18:01 -0000 @@ -212,7 +212,7 @@ if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 0; if (options->challenge_response_authentication == -1) - options->challenge_response_authentication = 1; + options->challenge_response_authentication = 0; if (options->permit_empty_passwd == -1) options->permit_empty_passwd = 0; if (options->use_login == -1) Index: sshd_config =================================================================== RCS file: /cvs/src/crypto/openssh/sshd_config,v retrieving revision 1.19 diff -u -u -r1.19 sshd_config --- sshd_config 2 Apr 2002 21:53:54 -0000 1.19 +++ sshd_config 23 Apr 2002 23:24:54 -0000 @@ -60,8 +60,8 @@ #PasswordAuthentication yes #PermitEmptyPasswords no -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes +# Change to yes to enable s/key passwords +#ChallengeResponseAuthentication no # Kerberos options # KerberosAuthentication automatically enabled if keyfile exists On Tue, Apr 23, 2002 at 01:05:09PM -0700, Jordan Hubbard wrote: > FWIW, I agree with you, but I'm more interested in fixing this right > now than I am in chasing the OpenSSH maintainers around with patches > (unless we've already forked - have we?). I'll also be happy to > change this twice if it turns out that getting the change into OpenSSH > is easier than I thought, but I don't want just having this be fixed > contingent on that. > > - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020423233452.GC86692>