Leave ChallengeResponseAuthentication enabled by default, since

PasswordAuthentication has been turned off for new installs since 1:3.8p1-2.
author: Colin Watson <cjwatson@debian.org> 2004-10-06 13:05:09 +0000
committer: Colin Watson <cjwatson@debian.org> 2004-10-06 13:05:09 +0000
commit: 08c262ff39622db49af82f3c801f4541298ab7a5 (patch)
tree: b525cd9ede6498f86142aa8d6a9d53707f9d6078 /debian/templates.master
parent: 9c0a1b315ca0bcf1db337e25db71b03e4fc2b586 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/debian/templates.master b/debian/templates.master
index 55727c933..4ae80e3fb 100644
--- a/debian/templates.master
+++ b/debian/templates.master
@@ -126,7 +126,7 @@ _Description: Environment options on keys have been deprecated
 Template: ssh/disable_cr_auth
 Type: boolean
-Default: true
+Default: false
 _Description: Disable challenge-response authentication?
 Password authentication appears to be disabled in your current OpenSSH
 server configuration. In order to prevent users from logging in using
@@ -135,7 +135,7 @@ _Description: Disable challenge-response authentication?
 authentication, or else ensure that your PAM configuration does not allow
 Unix password file authentication.
 .
- If you disable challenge-response authentication (the default answer), then
+ If you disable challenge-response authentication, then users will not be
- users will not be able to log in using passwords. If you leave it enabled,
+ able to log in using passwords. If you leave it enabled (the default
- then the 'PasswordAuthentication no' option will have no useful effect
+ answer), then the 'PasswordAuthentication no' option will have no useful
- unless you also adjust your PAM configuration in /etc/pam.d/ssh.
+ effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.
author	Colin Watson <cjwatson@debian.org>	2004-10-06 13:05:09 +0000
committer	Colin Watson <cjwatson@debian.org>	2004-10-06 13:05:09 +0000
commit	08c262ff39622db49af82f3c801f4541298ab7a5 (patch)
tree	b525cd9ede6498f86142aa8d6a9d53707f9d6078 /debian/templates.master
parent	9c0a1b315ca0bcf1db337e25db71b03e4fc2b586 (diff)

diff --git a/debian/templates.master b/debian/templates.master index 55727c933..4ae80e3fb 100644 --- a/debian/templates.master +++ b/debian/templates.master
@@ -126,7 +126,7 @@ _Description: Environment options on keys have been deprecated
126		126
127	Template: ssh/disable_cr_auth	127	Template: ssh/disable_cr_auth
128	Type: boolean	128	Type: boolean
129	Default: true	129	Default: false
130	_Description: Disable challenge-response authentication?	130	_Description: Disable challenge-response authentication?
131	Password authentication appears to be disabled in your current OpenSSH	131	Password authentication appears to be disabled in your current OpenSSH
132	server configuration. In order to prevent users from logging in using	132	server configuration. In order to prevent users from logging in using
@@ -135,7 +135,7 @@ _Description: Disable challenge-response authentication?
135	authentication, or else ensure that your PAM configuration does not allow	135	authentication, or else ensure that your PAM configuration does not allow
136	Unix password file authentication.	136	Unix password file authentication.
137	.	137	.
138	If you disable challenge-response authentication (the default answer), then	138	If you disable challenge-response authentication, then users will not be
139	users will not be able to log in using passwords. If you leave it enabled,	139	able to log in using passwords. If you leave it enabled (the default
140	then the 'PasswordAuthentication no' option will have no useful effect	140	answer), then the 'PasswordAuthentication no' option will have no useful
141	unless you also adjust your PAM configuration in /etc/pam.d/ssh.	141	effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.