From a9086a1c4c603d277f1259b51d1df7b89a0554a8 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Mon, 6 Aug 2001 20:58:51 +0000 Subject: - markus@cvs.openbsd.org 2001/07/23 12:47:05 [ssh.1] sync PreferredAuthentications --- ChangeLog | 5 ++++- ssh.1 | 14 ++++++-------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6935e528b..1de412e3a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,9 @@ [sshconnect2.c] reorder default sequence of userauth methods to match ssh behaviour: hostbased,publickey,keyboard-interactive,password + - markus@cvs.openbsd.org 2001/07/23 12:47:05 + [ssh.1] + sync PreferredAuthentications 20010803 - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on @@ -6127,4 +6130,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1430 2001/08/06 20:57:11 mouring Exp $ +$Id: ChangeLog,v 1.1431 2001/08/06 20:58:51 mouring Exp $ diff --git a/ssh.1 b/ssh.1 index f8d9fc689..b96edeacc 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.122 2001/07/22 22:04:19 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.123 2001/07/23 12:47:05 markus Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -209,12 +209,10 @@ When a user connects using the protocol version 2 different authentication methods are available. Using the default values for .Cm PreferredAuthentications , -the client will try to authenticate first using the public key method; -if this method fails password authentication is attempted, -and finally if this method fails keyboard-interactive authentication -is attempted. -If this method fails password authentication is -tried. +the client will try to authenticate first using the hostbased method; +if this method fails public key authentication is attempted, +and finally if this method fails keyboard-interactive and +password authentication are tried. .Pp The public key method is similar to RSA authentication described in the previous section and allows the RSA or DSA algorithm to be used: @@ -912,7 +910,7 @@ authentication methods. This allows a client to prefer one method (e.g. over another method (e.g. .Cm password ) The default for this option is: -.Dq publickey,hostbased,password,keyboard-interactive +.Dq hostbased,publickey,keyboard-interactive,password .It Cm Protocol Specifies the protocol versions .Nm -- cgit v1.2.3