tech-security: Re: OpenSSH Priv Sep and Remote Exploit?

Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: Jason R Thorpe <thorpej@wasabisystems.com>
From: None <itojun@iijlab.net>
List: tech-security
Date: 06/27/2002 03:43:38

> > # Change to no to disable s/key passwords
> > #ChallengeResponseAuthentication yes
> > 
> > which implies that they're the same option.  Or is it different on 
> > other versions?  I checked 3.1 and 3.3.1.
>Hm, they used to be different, I thought.  I could be mistaken.

	SkeyAuthentication seemed to have renamed into
	ChallengeResponseAuthentication, it seems.  not sure if they mean
	exactly the same thing.

itojun


http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.diff?r1=1.29&r2=1.30

Revision 1.30 / (download) - annotate - [select for diffs] , Sat Feb 3 10:19:51
2001 UTC (16 months, 3 weeks ago) by markus
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
Skey is now called ChallengeResponse