mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-26 20:02:13 +00:00
- markus@cvs.openbsd.org 2002/04/22 16:16:53
[servconf.c sshd.8 sshd_config] do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@
This commit is contained in:
parent
635fe98a7f
commit
d7de14b6ad
@ -21,6 +21,9 @@
|
||||
- markus@cvs.openbsd.org 2002/04/22 06:15:47
|
||||
[radix.c]
|
||||
fix check for overflow
|
||||
- markus@cvs.openbsd.org 2002/04/22 16:16:53
|
||||
[servconf.c sshd.8 sshd_config]
|
||||
do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@
|
||||
|
||||
20020421
|
||||
- (tim) [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0).
|
||||
@ -8287,4 +8290,4 @@
|
||||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.2068 2002/04/23 11:00:33 djm Exp $
|
||||
$Id: ChangeLog,v 1.2069 2002/04/23 11:04:51 djm Exp $
|
||||
|
@ -10,7 +10,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: servconf.c,v 1.106 2002/04/20 09:02:03 deraadt Exp $");
|
||||
RCSID("$OpenBSD: servconf.c,v 1.107 2002/04/22 16:16:53 markus Exp $");
|
||||
|
||||
#if defined(KRB4)
|
||||
#include <krb.h>
|
||||
@ -200,7 +200,7 @@ fill_default_server_options(ServerOptions *options)
|
||||
options->pubkey_authentication = 1;
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
if (options->kerberos_authentication == -1)
|
||||
options->kerberos_authentication = (access(KEYFILE, R_OK) == 0);
|
||||
options->kerberos_authentication = 0;
|
||||
if (options->kerberos_or_local_passwd == -1)
|
||||
options->kerberos_or_local_passwd = 1;
|
||||
if (options->kerberos_ticket_cleanup == -1)
|
||||
|
4
sshd.8
4
sshd.8
@ -34,7 +34,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: sshd.8,v 1.177 2002/04/21 16:19:27 stevesk Exp $
|
||||
.\" $OpenBSD: sshd.8,v 1.178 2002/04/22 16:16:53 markus Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSHD 8
|
||||
.Os
|
||||
@ -571,7 +571,7 @@ the Kerberos KDC.
|
||||
To use this option, the server needs a
|
||||
Kerberos servtab which allows the verification of the KDC's identity.
|
||||
Default is
|
||||
.Dq yes .
|
||||
.Dq no .
|
||||
.It Cm KerberosOrLocalPasswd
|
||||
If set then if password authentication through Kerberos fails then
|
||||
the password will be validated via any additional local mechanism
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: sshd_config,v 1.50 2002/04/21 16:19:27 stevesk Exp $
|
||||
# $OpenBSD: sshd_config,v 1.51 2002/04/22 16:16:53 markus Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See sshd(8)
|
||||
# for more information.
|
||||
@ -60,8 +60,7 @@
|
||||
#ChallengeResponseAuthentication yes
|
||||
|
||||
# Kerberos options
|
||||
# KerberosAuthentication automatically enabled if keyfile exists
|
||||
#KerberosAuthentication yes
|
||||
#KerberosAuthentication no
|
||||
#KerberosOrLocalPasswd yes
|
||||
#KerberosTicketCleanup yes
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user