diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | servconf.c | 4 | ||||
| -rw-r--r-- | sshd.8 | 4 | ||||
| -rw-r--r-- | sshd_config | 5 |
4 files changed, 10 insertions, 8 deletions
| @@ -21,6 +21,9 @@ | |||
| 21 | - markus@cvs.openbsd.org 2002/04/22 06:15:47 | 21 | - markus@cvs.openbsd.org 2002/04/22 06:15:47 |
| 22 | [radix.c] | 22 | [radix.c] |
| 23 | fix check for overflow | 23 | fix check for overflow |
| 24 | - markus@cvs.openbsd.org 2002/04/22 16:16:53 | ||
| 25 | [servconf.c sshd.8 sshd_config] | ||
| 26 | do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@ | ||
| 24 | 27 | ||
| 25 | 20020421 | 28 | 20020421 |
| 26 | - (tim) [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0). | 29 | - (tim) [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0). |
| @@ -8287,4 +8290,4 @@ | |||
| 8287 | - Wrote replacements for strlcpy and mkdtemp | 8290 | - Wrote replacements for strlcpy and mkdtemp |
| 8288 | - Released 1.0pre1 | 8291 | - Released 1.0pre1 |
| 8289 | 8292 | ||
| 8290 | $Id: ChangeLog,v 1.2068 2002/04/23 11:00:33 djm Exp $ | 8293 | $Id: ChangeLog,v 1.2069 2002/04/23 11:04:51 djm Exp $ |
diff --git a/servconf.c b/servconf.c index 5172813ec..4b5b406a7 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | */ | 10 | */ |
| 11 | 11 | ||
| 12 | #include "includes.h" | 12 | #include "includes.h" |
| 13 | RCSID("$OpenBSD: servconf.c,v 1.106 2002/04/20 09:02:03 deraadt Exp $"); | 13 | RCSID("$OpenBSD: servconf.c,v 1.107 2002/04/22 16:16:53 markus Exp $"); |
| 14 | 14 | ||
| 15 | #if defined(KRB4) | 15 | #if defined(KRB4) |
| 16 | #include <krb.h> | 16 | #include <krb.h> |
| @@ -200,7 +200,7 @@ fill_default_server_options(ServerOptions *options) | |||
| 200 | options->pubkey_authentication = 1; | 200 | options->pubkey_authentication = 1; |
| 201 | #if defined(KRB4) || defined(KRB5) | 201 | #if defined(KRB4) || defined(KRB5) |
| 202 | if (options->kerberos_authentication == -1) | 202 | if (options->kerberos_authentication == -1) |
| 203 | options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); | 203 | options->kerberos_authentication = 0; |
| 204 | if (options->kerberos_or_local_passwd == -1) | 204 | if (options->kerberos_or_local_passwd == -1) |
| 205 | options->kerberos_or_local_passwd = 1; | 205 | options->kerberos_or_local_passwd = 1; |
| 206 | if (options->kerberos_ticket_cleanup == -1) | 206 | if (options->kerberos_ticket_cleanup == -1) |
| @@ -34,7 +34,7 @@ | |||
| 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 36 | .\" | 36 | .\" |
| 37 | .\" $OpenBSD: sshd.8,v 1.177 2002/04/21 16:19:27 stevesk Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.178 2002/04/22 16:16:53 markus Exp $ |
| 38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
| 39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
| 40 | .Os | 40 | .Os |
| @@ -571,7 +571,7 @@ the Kerberos KDC. | |||
| 571 | To use this option, the server needs a | 571 | To use this option, the server needs a |
| 572 | Kerberos servtab which allows the verification of the KDC's identity. | 572 | Kerberos servtab which allows the verification of the KDC's identity. |
| 573 | Default is | 573 | Default is |
| 574 | .Dq yes . | 574 | .Dq no . |
| 575 | .It Cm KerberosOrLocalPasswd | 575 | .It Cm KerberosOrLocalPasswd |
| 576 | If set then if password authentication through Kerberos fails then | 576 | If set then if password authentication through Kerberos fails then |
| 577 | the password will be validated via any additional local mechanism | 577 | the password will be validated via any additional local mechanism |
diff --git a/sshd_config b/sshd_config index a6b148bc9..d55a9e68c 100644 --- a/sshd_config +++ b/sshd_config | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: sshd_config,v 1.50 2002/04/21 16:19:27 stevesk Exp $ | 1 | # $OpenBSD: sshd_config,v 1.51 2002/04/22 16:16:53 markus Exp $ |
| 2 | 2 | ||
| 3 | # This is the sshd server system-wide configuration file. See sshd(8) | 3 | # This is the sshd server system-wide configuration file. See sshd(8) |
| 4 | # for more information. | 4 | # for more information. |
| @@ -60,8 +60,7 @@ | |||
| 60 | #ChallengeResponseAuthentication yes | 60 | #ChallengeResponseAuthentication yes |
| 61 | 61 | ||
| 62 | # Kerberos options | 62 | # Kerberos options |
| 63 | # KerberosAuthentication automatically enabled if keyfile exists | 63 | #KerberosAuthentication no |
| 64 | #KerberosAuthentication yes | ||
| 65 | #KerberosOrLocalPasswd yes | 64 | #KerberosOrLocalPasswd yes |
| 66 | #KerberosTicketCleanup yes | 65 | #KerberosTicketCleanup yes |
| 67 | 66 | ||