1 files changed, 5 insertions, 5 deletions
diff --git a/debian/templates.master b/debian/templates.master
index 55727c933..4ae80e3fb 100644
--- a/debian/templates.master
+++ b/debian/templates.master
@@ -126,7 +126,7 @@ _Description: Environment options on keys have been deprecated
 Template: ssh/disable_cr_auth
 Type: boolean
-Default: true
+Default: false
 _Description: Disable challenge-response authentication?
 Password authentication appears to be disabled in your current OpenSSH
 server configuration. In order to prevent users from logging in using
@@ -135,7 +135,7 @@ _Description: Disable challenge-response authentication?
 authentication, or else ensure that your PAM configuration does not allow
 Unix password file authentication.
 .
- If you disable challenge-response authentication (the default answer), then
+ If you disable challenge-response authentication, then users will not be
- users will not be able to log in using passwords. If you leave it enabled,
+ able to log in using passwords. If you leave it enabled (the default
- then the 'PasswordAuthentication no' option will have no useful effect
+ answer), then the 'PasswordAuthentication no' option will have no useful
- unless you also adjust your PAM configuration in /etc/pam.d/ssh.
+ effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.

diff --git a/debian/templates.master b/debian/templates.master index 55727c933..4ae80e3fb 100644 --- a/debian/templates.master +++ b/debian/templates.master
@@ -126,7 +126,7 @@ _Description: Environment options on keys have been deprecated
126		126
127	Template: ssh/disable_cr_auth	127	Template: ssh/disable_cr_auth
128	Type: boolean	128	Type: boolean
129	Default: true	129	Default: false
130	_Description: Disable challenge-response authentication?	130	_Description: Disable challenge-response authentication?
131	Password authentication appears to be disabled in your current OpenSSH	131	Password authentication appears to be disabled in your current OpenSSH
132	server configuration. In order to prevent users from logging in using	132	server configuration. In order to prevent users from logging in using
@@ -135,7 +135,7 @@ _Description: Disable challenge-response authentication?
135	authentication, or else ensure that your PAM configuration does not allow	135	authentication, or else ensure that your PAM configuration does not allow
136	Unix password file authentication.	136	Unix password file authentication.
137	.	137	.
138	If you disable challenge-response authentication (the default answer), then	138	If you disable challenge-response authentication, then users will not be
139	users will not be able to log in using passwords. If you leave it enabled,	139	able to log in using passwords. If you leave it enabled (the default
140	then the 'PasswordAuthentication no' option will have no useful effect	140	answer), then the 'PasswordAuthentication no' option will have no useful
141	unless you also adjust your PAM configuration in /etc/pam.d/ssh.	141	effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.