[TriLUG] Re: OpenSSH Security Advisory (adv.iss)

Brian Daniels bitmage at bellsouth.net
Wed Jun 26 15:34:11 EDT 2002


On Wed, Jun 26, 2002 at 03:11:01PM -0400, Tom 'spot' Callaway wrote:
> No, the default value is no. ChallengeResponseAuthentication is only
> used for things like s/key. You'd know if you turned it on.

That assumes that you know what options your vendor chose when they built 
OpenSSH.  Setting it to 'no' guarantees that it's off, and is harmless in 
any case.

--Brian 'belt & suspenders' Daniels

-- 


Anything you can imagine (and many things you can't), 
someone on the net is doing.

Brian Daniels                  bitmage at bellsouth.net
      http://www.eviloverlord.net




More information about the TriLUG mailing list