PAM merge from FreeBSD
Damien Miller
djm at mindrot.org
Sat Jan 11 09:35:30 EST 2003
Frank Cusack wrote:
>>I don't think we do any of these properly at the moment with privsep
>>(maybe "echo on"). The new code allows for echo/don't echo and the
>>possibility of multiple exchanges.
>
> Anyone that's using protocol 1 is probably using an older client that doesn't
> have these updates.
I don't understand - the vast majority of people will be using a client
with the necessary support. This includes (at least) OpenSSH, SSH.COM,
PuTTY, MindTerm and F-Secure. (The first two alone have over 94% market
share).
Those who don't have a client which supports kbdint can fallback to
password auth, uograde their client or not upgrade the which ever
version includes PAM via kbdint.
-d
More information about the openssh-unix-dev
mailing list