OpenSSH daemon security bug?

Damien Miller djm at mindrot.org
Wed Jan 6 10:34:09 EST 2010


On Tue, 5 Jan 2010, Davi Diaz wrote:

> Unfortunately we can not configure sshd to require both
> account-password and key authentication to be able to login. That
> maybe would help to solve the key management risk because at least we
> could automate the check to force the use of strong account-passwords
> in our policy security.

Watch activity on https://bugzilla.mindrot.org/show_bug.cgi?id=983 if
you are interested in progress on this feature.

-d


More information about the openssh-unix-dev mailing list