tech-pkg: Re: OpenSSH Priv Sep and Remote Exploit?

Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: Steven M. Bellovin <smb@research.att.com>
From: Jason R Thorpe <thorpej@wasabisystems.com>
List: tech-pkg
Date: 06/26/2002 11:28:19

On Wed, Jun 26, 2002 at 02:11:15PM -0400, Steven M. Bellovin wrote:
 > I'm confused again. sshd_config in 1.6beta3 has this:
 > 
 > # Change to no to disable s/key passwords
 > #ChallengeResponseAuthentication yes
 > 
 > which implies that they're the same option. Or is it different on 
 > other versions? I checked 3.1 and 3.3.1.
Hm, they used to be different, I thought. I could be mistaken.
-- 
 -- Jason R. Thorpe <thorpej@wasabisystems.com>