[Bug 263045] security/openssh-portable: password configuration options are unclear

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 263045] sshd allows password logins when "PasswordAuthentication no" is set"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 16 Jun 2022 12:52:50 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263045

--- Comment #16 from commit-hook@FreeBSD.org ---
A commit in branch stable/13 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=ce8133a5218b1f0e3ed17579029fcb12be93cf2d

commit ce8133a5218b1f0e3ed17579029fcb12be93cf2d
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-05-25 13:32:57 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-06-16 12:50:23 +0000

    sshd_config: clarify password authentication options

    Passwords may be accepted by both the PasswordAuthentication and
    KbdInteractiveAuthentication authentication schemes.  Add a reference to
    the latter in the description/comment for PasswordAuthentication, as it
    otherwise may seem that "PasswordAuthentication no" implies passwords
    will be disallowed.

    This situation should be clarified with more extensive documentation on
    the authentication schemes and configuration options, but that should be
    done in coordination with upstream OpenSSH.  This is a minimal change
    that will hopefully clarify the situation without requiring an extensive
    local patch set.

    PR:             263045
    Reviewed by:    manu (earlier version)
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D35272

    (cherry picked from commit 9f009e066f088e2c31442db31d2a85001040abfe)

 crypto/openssh/sshd_config   | 1 +
 crypto/openssh/sshd_config.5 | 2 ++
 2 files changed, 3 insertions(+)

-- 
You are receiving this mail because:
You are the assignee for the bug.