From e1e480aee8a9af6cfbe7188667b7b940d6b57f9f Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 4 Feb 2014 11:13:17 +1100 Subject: [PATCH] - jmc@cvs.openbsd.org 2014/01/29 14:04:51 [sshd_config.5] document kbdinteractiveauthentication; requested From: Ross L Richardson dtucker/markus helped explain its workings; --- ChangeLog | 6 ++++++ sshd_config.5 | 15 +++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 25d9c9aff..aca0044fe 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,6 +25,12 @@ [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] remove experimental, never-enabled JPAKE code; ok markus@ + - jmc@cvs.openbsd.org 2014/01/29 14:04:51 + [sshd_config.5] + document kbdinteractiveauthentication; + requested From: Ross L Richardson + + dtucker/markus helped explain its workings; 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) diff --git a/sshd_config.5 b/sshd_config.5 index 3b21ea6e7..de330a00c 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.170 2013/12/08 09:53:27 dtucker Exp $ -.Dd $Mdocdate: December 8 2013 $ +.\" $OpenBSD: sshd_config.5,v 1.171 2014/01/29 14:04:51 jmc Exp $ +.Dd $Mdocdate: January 29 2014 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -633,6 +633,17 @@ The default is for interactive sessions and .Dq throughput for non-interactive sessions. +.It Cm KbdInteractiveAuthentication +Specifies whether to allow keyboard-interactive authentication. +The argument to this keyword must be +.Dq yes +or +.Dq no . +The default is to use whatever value +.Cm ChallengeResponseAuthentication +is set to +(by default +.Dq yes ) . .It Cm KerberosAuthentication Specifies whether the password provided by the user for .Cm PasswordAuthentication