From owner-freebsd-hackers Wed Apr 24 21: 7:52 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from winston.freebsd.org (adsl-64-173-15-98.dsl.sntc01.pacbell.net [64.173.15.98]) by hub.freebsd.org (Postfix) with ESMTP id 7A35737B405; Wed, 24 Apr 2002 21:07:47 -0700 (PDT) Received: from winston.freebsd.org (jkh@localhost [127.0.0.1]) by winston.freebsd.org (8.12.2/8.12.2) with ESMTP id g3P45t7W017570; Wed, 24 Apr 2002 21:05:55 -0700 (PDT) (envelope-from jkh@winston.freebsd.org) To: Robert Watson Cc: hackers@freebsd.org Subject: Re: Erm, since everyone managed to HIJACK my sshd thread! ;) In-Reply-To: Message from Robert Watson of "Wed, 24 Apr 2002 21:50:46 EDT." Date: Wed, 24 Apr 2002 21:05:55 -0700 Message-ID: <17569.1019707555@winston.freebsd.org> From: Jordan Hubbard Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Provide me a diff and I'll be happy to review it. I'm not really sure what you're talking about here and a context diff would remove any ambiguity. - Jordan > Sigh. I responded privately, but I see a plethora of mis-informed response > also. Please commit the fix to the S/Key code, rather than disabling > challenge response protocol behavior. There's nothing wrong with > supporting the challenge/response parts of the protocol, and it's even > desirable from a PAM perspective. Go fix it properly. > > Robert N M Watson FreeBSD Core Team, TrustedBSD Project > robert@fledge.watson.org NAI Labs, Safeport Network Services > > On Tue, 23 Apr 2002, Jordan Hubbard wrote: > > > I'm going to commit the following in 48 hours unless someone can > > convince me that it's a good idea for FreeBSD to be the odd-OS out > > with respect to this behavior: > > > > Index: sshd_config > > =================================================================== > > RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v > > retrieving revision 1.4.2.6 > > diff -u -r1.4.2.6 sshd_config > > --- sshd_config 28 Sep 2001 01:33:35 -0000 1.4.2.6 > > +++ sshd_config 23 Apr 2002 18:38:01 -0000 > > @@ -48,8 +48,8 @@ > > PasswordAuthentication yes > > PermitEmptyPasswords no > > > > -# Uncomment to disable s/key passwords > > -#ChallengeResponseAuthentication no > > +# Comment out to enable s/key passwords > > +ChallengeResponseAuthentication no > > > > # To change Kerberos options > > #KerberosAuthentication no > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-hackers" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message