Date: 09 Jul 2002 23:33:24 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: current@freebsd.org Subject: Re: PasswordAuthentication not works in sshd Message-ID: <xzp4rf8k2mz.fsf@flood.ping.uio.no> In-Reply-To: <20020709163050.GA18792@nagual.pp.ru> References: <20020702114530.GB837@nagual.pp.ru> <xzpn0tacp9c.fsf@flood.ping.uio.no> <20020709124943.GA15259@nagual.pp.ru> <xzphej9jb3i.fsf@flood.ping.uio.no> <20020709133611.GA17322@nagual.pp.ru> <xzpd6txj93r.fsf@flood.ping.uio.no> <20020709163050.GA18792@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
"Andrey A. Chernov" <ache@nagual.pp.ru> writes: > I understand that. What I say - it must be not in default setup because > break normal password auth for ssh. Only for users who have set up an OPIE password, but explicitly choose not to use OPIE. > I.e. I not set any special option in > sshd_config to enable OPIE or SKEY, why it is in the way? From sshd > configuring point of view OPIE auth must be directly enabled and not > turned on indirectly. Admins who already sets up OPIE for other programs > will be very confused finding (especially when not finding) that now OPIE > is turned on indirectly in ssh without even any config options. OPIE is already automatically enabled in every relevant FreeBSD utility, and has been for a long time. I would consider it a significant breach of POLA if sshd required additional configuration to enable OPIE when no other utility in the base system does. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp4rf8k2mz.fsf>