Change default challenge/response behavior of sshd by popular demand.
This brings us into sync with the behavior of sshd on other Unix platforms. Submitted by: Joshua Goodall <joshua@roughtrade.net>
This commit is contained in:
@@ -212,7 +212,7 @@ fill_default_server_options(ServerOptions *options)
|
||||
if (options->kbd_interactive_authentication == -1)
|
||||
options->kbd_interactive_authentication = 0;
|
||||
if (options->challenge_response_authentication == -1)
|
||||
options->challenge_response_authentication = 1;
|
||||
options->challenge_response_authentication = 0;
|
||||
if (options->permit_empty_passwd == -1)
|
||||
options->permit_empty_passwd = 0;
|
||||
if (options->use_login == -1)
|
||||
|
||||
@@ -60,8 +60,8 @@
|
||||
#PasswordAuthentication yes
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to no to disable s/key passwords
|
||||
#ChallengeResponseAuthentication yes
|
||||
# Change to yes to enable s/key passwords
|
||||
#ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
# KerberosAuthentication automatically enabled if keyfile exists
|
||||
|
||||
Reference in New Issue
Block a user