Bug#247521: ssh: Default setting PasswordAuthentication No breaks some SSH clients.
Package: ssh
Version: 1:3.8p1-3
Severity: normal
A change was made to the default value of "PasswordAuthentication" in
version 1:3.8p1-2 in response to bug #236810. It seems that some SSH
clients are unable to connect to the daemon in this configuration,
however. Specifically, OpenSSH as well as the command-line version
SecureCRT seem to connect fine, while the GUI version of SecureCRT and
FSecure's SSH client (both on Windows) fail to connect.
The solution for me at the moment is to simply set it to "Yes", but I
suspect this could be a source of great confusion for a new user. Is
this a case of the two Windows SSH clients not fully conforming to
specification, or should this configuration change really break clients?
Daniel
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.25-1-k7
Locale: LANG=C, LC_CTYPE=C
Versions of packages ssh depends on:
ii adduser 3.52 Add and remove users and groups
ii debconf 1.4.25 Debian configuration
management sy
ii dpkg 1.10.21 Package maintenance system for
Deb
ii libc6 2.3.2.ds1-12 GNU C Library: Shared
libraries an
ii libpam-modules 0.76-20 Pluggable Authentication
Modules f
ii libpam-runtime 0.76-20 Runtime support for the PAM
librar
ii libpam0g 0.76-20 Pluggable Authentication
Modules l
ii libssl0.9.7 0.9.7d-1 SSL shared libraries
ii libwrap0 7.6.dbs-3 Wietse Venema's TCP wrappers
libra
ii zlib1g 1:1.2.1-5 compression library - runtime
-- debconf information:
ssh/insecure_rshd:
ssh/user_environment_tell:
ssh/ssh2_keys_merged:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
* ssh/SUID_client: true
Reply to: