Revised OpenSSH Security Advisory (adv.iss)
Andreas Hasenack
andreas at conectiva.com.br
Thu Jun 27 05:54:56 EST 2002
Em Wed, Jun 26, 2002 at 12:39:50PM -0700, Steve VanDevender escreveu:
> I think the announcement is fine the way it is. Having an explicit
> "PAMAuthenticationViaKbdInt no" in sshd_config is a lot less ambiguous
> than assuming it's disabled by default.
All these authentication mechanisms can be confusing, since many can
overlap. Just throw in challengeresponse, keyboard-interactive, password,
kerberos (via ticket or password), S/Key (which is challengeresponse but
can also be used via PAM) and so on.
Is there another document besides the man page sshd_config(5)
which explains all the available mechanisms in more detail? Or "just" the
RFC/protocol/standard/whatever description?
More information about the openssh-unix-dev
mailing list