svn commit: r321659 - head/release/tools
Glen Barber
gjb at FreeBSD.org
Fri Jul 28 18:27:31 UTC 2017
Author: gjb
Date: Fri Jul 28 18:27:30 2017
New Revision: 321659
URL: https://svnweb.freebsd.org/changeset/base/321659
Log:
Turn off ChallengeResponseAuthentication for EC2 AMIs, one of EC2's
requirements.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Modified:
head/release/tools/ec2.conf
Modified: head/release/tools/ec2.conf
==============================================================================
--- head/release/tools/ec2.conf Fri Jul 28 18:11:53 2017 (r321658)
+++ head/release/tools/ec2.conf Fri Jul 28 18:27:30 2017 (r321659)
@@ -81,6 +81,12 @@ vm_extra_pre_umount() {
# Load the kernel module for the Amazon "Elastic Network Adapter"
echo 'if_ena_load="YES"' >> ${DESTDIR}/boot/loader.conf
+ # Disable ChallengeResponseAuthentication according to EC2
+ # requirements.
+ sed -i '' -e \
+ 's/^#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' \
+ ${DESTDIR}/etc/ssh/sshd_config
+
# The first time the AMI boots, the installed "first boot" scripts
# should be allowed to run:
# * ec2_configinit (download and process EC2 user-data)
More information about the svn-src-head
mailing list