ChallengeResponseAuthentication - typos and inconsistancies?
Dave Dykstra
dwd at bell-labs.com
Fri Jul 27 04:49:31 EST 2001
On Sat, Jul 21, 2001 at 02:03:44PM +0100, Matthew Vernon wrote:
> Hi,
>
> It seems from the source code that there are a couple of quirks
> with this option:
>
> firstly, in the code it's mis-spelt as
> "challenge_reponse_authentication"
As Markus said, this is fixed in the current CVS.
> and secondly, the default for the client (in readconf.c) seems to be
> off, whereas for the server (servconf.c) seems to be on:
> readconf.c: if (options->challenge_reponse_authentication == -1)
> readconf.c: options->challenge_reponse_authentication = 0;
> servconf.c: if (options->challenge_reponse_authentication == -1)
> servconf.c: options->challenge_reponse_authentication = 1;
> Finally, the manual page says:
> The default is ``no''.
>
> Which set of defaults should be kept? in any case, the man page should
> agree with the code...
The sshd man page does say the Default is yes; only the ssh client says
no. It only matters if you've got authentication code configured.
- Dave Dykstra
More information about the openssh-unix-dev
mailing list