recompile sshd with OPIE?
Chuck Swiger
cswiger at mac.com
Tue Aug 16 03:07:25 GMT 2005
Dag-Erling Smørgrav wrote:
> freebsd-security at auscert.org.au writes:
>>Can this be achieved within the regular system build process, or must I
>>roll my own?
>
> You need to change src/crypto/openssh/config.h so it says
>
> /* #undef PAM */
> #define SKEY 1
> #define OPIE 1
>
> instead of
>
> #define PAM 1
> /* #undef SKEY */
> /* #undef OPIE */
>
> then rebuild world.
Aha! I bet ports/security/fwtk would be much happier if SKEY was around.
Were these enabled some time ago and since disabled...?
--
-Chuck
More information about the freebsd-security
mailing list