svn commit: r401289 - head/security/openssh-portable
Bryan Drewery
bdrewery at FreeBSD.org
Wed Nov 11 18:04:42 UTC 2015
Author: bdrewery
Date: Wed Nov 11 18:04:40 2015
New Revision: 401289
URL: https://svnweb.freebsd.org/changeset/ports/401289
Log:
Update advice to disable ChallengeResponseAuthentication for key usage.
PR: 204475
Reported by: Mark.Martinec at ijs.si
Modified:
head/security/openssh-portable/Makefile
head/security/openssh-portable/pkg-message
Modified: head/security/openssh-portable/Makefile
==============================================================================
--- head/security/openssh-portable/Makefile Wed Nov 11 17:40:45 2015 (r401288)
+++ head/security/openssh-portable/Makefile Wed Nov 11 18:04:40 2015 (r401289)
@@ -3,7 +3,7 @@
PORTNAME= openssh
DISTVERSION= 7.1p1
-PORTREVISION= 2
+PORTREVISION= 3
PORTEPOCH= 1
CATEGORIES= security ipv6
MASTER_SITES= OPENBSD/OpenSSH/portable
Modified: head/security/openssh-portable/pkg-message
==============================================================================
--- head/security/openssh-portable/pkg-message Wed Nov 11 17:40:45 2015 (r401288)
+++ head/security/openssh-portable/pkg-message Wed Nov 11 18:04:40 2015 (r401289)
@@ -11,5 +11,6 @@ OpenSSH port, and if truly necessary, re
by readjusting this option in your sshd_config.
Users are encouraged to create single-purpose users with ssh keys, disable
-Password auth with 'PasswordAuthentication no' and define very narrow sudo
+Password authentication by setting 'PasswordAuthentication no' and
+'ChallengeResponseAuthentication no', and to define very narrow sudo
privileges instead of using root for automated tasks.
More information about the svn-ports-head
mailing list