recompile sshd with OPIE?
freebsd-security at auscert.org.au
freebsd-security at auscert.org.au
Tue Aug 16 01:03:24 GMT 2005
> freebsd-security at auscert.org.au writes:
> > Can this be achieved within the regular system build process, or must I
> > roll my own?
>
> You need to change src/crypto/openssh/config.h so it says
>
> /* #undef PAM */
> #define SKEY 1
> #define OPIE 1
>
> instead of
>
> #define PAM 1
> /* #undef SKEY */
> /* #undef OPIE */
>
> then rebuild world.
Thanks - that is extremely helpful. Given that this involves modification
of CVS files I'll create a localised patch for myself. I believe that I
should be able to follow the independent build process for openssh rather
than building world; at least, I'll try that first.
joel
-- Joel Hatton --
Security Analyst | Hotline: +61 7 3365 4417
AusCERT - Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
More information about the freebsd-security
mailing list