Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade

To: 428968@bugs.debian.org
Subject: Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade
From: keith001@writeme.com
Date: Mon, 18 Jun 2007 12:19:56 -0400
Message-id: <[🔎] 20070618121956.a0146a82.keith001@writeme.com>
Reply-to: keith001@writeme.com, 428968@bugs.debian.org

For what it's worth, I encountered the same problem after updating.

My sshd config used to read:
    ## commented out for password ssh: ChallengeResponseAuthentication no
    PasswordAuthentication no
which I understand:
- don't not process passwords at sshd level
- yes to Challenge/Response (handled by pam if I remember correctly)

Adding:
    ChallengeResponseAuthentication yes
made it work again.

Which would mean that:
- the default value to ChallengeResponseAuthentication switched from Y to N with this update;
- people who report being surprised of having "PasswordAuthentication no" in their config were
probably using challenge/response as I did.

I think I remember there was a reason for using challenge/response through pam instead 
of direct password.
I see some activity about that in the changelog (1:4.1p1-1 for instance, says:
"Disable ChallengeResponseAuthentication in new installations, returning
     to PasswordAuthentication by default, since it now supports PAM and
     apparently works better with a non-threaded sshd (closes: #247521).")

Anybody knowledgeable has an opinion?

Thanks

Reply to:

Prev by Date: Bug#429531: chan_read_failed log spam
Next by Date: Bug#429531: chan_read_failed log spam
Previous by thread: Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade
Next by thread: Bug#405041: Debian Bug report logs - #405041
Index(es):
- Date
- Thread