[openssh-commits] [openssh] 03/03: Replace remaining references to ChallengeResponse.

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Jul 3 19:34:38 AEST 2021

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Sat Jul 3 19:27:43 2021 +1000

    Replace remaining references to ChallengeResponse.
    Portable had a few additional references to ChallengeResponse related to
    UsePAM, replaces these with equivalent keyboard-interactive ones.
 sshd_config   | 6 +++---
 sshd_config.5 | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/sshd_config b/sshd_config
index 4b3011ec..c423eba1 100644
--- a/sshd_config
+++ b/sshd_config
@@ -72,13 +72,13 @@ AuthorizedKeysFile	.ssh/authorized_keys
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
+# be allowed through the KbdInteractiveAuthentication and
 # PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
+# PAM authentication via KbdInteractiveAuthentication may bypass
 # the setting of "PermitRootLogin without-password".
 # If you just want the PAM account and session checks to run without
 # PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
+# and KbdInteractiveAuthentication to 'no'.
 #UsePAM no
 #AllowAgentForwarding yes
diff --git a/sshd_config.5 b/sshd_config.5
index 07635932..faa0a0f3 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -1745,17 +1745,17 @@ Enables the Pluggable Authentication Module interface.
 If set to
 .Cm yes
 this will enable PAM authentication using
-.Cm ChallengeResponseAuthentication
+.Cm KbdInteractiveAuthentication
 .Cm PasswordAuthentication
 in addition to PAM account and session module processing for all
 authentication types.
-Because PAM challenge-response authentication usually serves an equivalent
+Because PAM keyboard-interactive authentication usually serves an equivalent
 role to password authentication, you should disable either
 .Cm PasswordAuthentication
-.Cm ChallengeResponseAuthentication.
+.Cm KbdInteractiveAuthentication.
 .Cm UsePAM

To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list