recompile sshd with OPIE?

Chuck Swiger cswiger at mac.com
Tue Aug 16 03:07:25 GMT 2005


Dag-Erling Smørgrav wrote:
> freebsd-security at auscert.org.au writes:
>>Can this be achieved within the regular system build process, or must I
>>roll my own?
> 
> You need to change src/crypto/openssh/config.h so it says
> 
> /* #undef PAM */
> #define SKEY 1
> #define OPIE 1
> 
> instead of
> 
> #define PAM 1
> /* #undef SKEY */
> /* #undef OPIE */
> 
> then rebuild world.

Aha!  I bet ports/security/fwtk would be much happier if SKEY was around.
Were these enabled some time ago and since disabled...?

-- 
-Chuck



More information about the freebsd-security mailing list