[TriLUG] Re: OpenSSH Security Advisory (adv.iss)
Brian Daniels
bitmage at bellsouth.net
Wed Jun 26 15:34:11 EDT 2002
On Wed, Jun 26, 2002 at 03:11:01PM -0400, Tom 'spot' Callaway wrote:
> No, the default value is no. ChallengeResponseAuthentication is only
> used for things like s/key. You'd know if you turned it on.
That assumes that you know what options your vendor chose when they built
OpenSSH. Setting it to 'no' guarantees that it's off, and is harmless in
any case.
--Brian 'belt & suspenders' Daniels
--
Anything you can imagine (and many things you can't),
someone on the net is doing.
Brian Daniels bitmage at bellsouth.net
http://www.eviloverlord.net
More information about the TriLUG
mailing list