On 23 Jul 2015, at 13:33, Theo de Raadt wrote: > >> My freebsd boxes do *not* have the problem, but that's because I have >> set 'ChallengeResponseAuthentication no'. >> I don't even remember why I set that on my freebsd boxes. I change very >> few settings, but for some reason I decided to change that one. > > So try it on some other system without that setting. We'll wait. > > Then come come back and report whether your observations are identical > or subtly different.
As noted in my message, I did actually test it on a variety of systems. >> I can reproduce the problem on my Macs, because they are setup with >> 'ChallengeResponseAuthentication yes', and I do not turn it off. > > That has effectively the same authentication system as FreeBSD, same > fast password check, etc. > >> I'm also told that there is a patch for the oversight in OpenSSH's code, >> and that can be seen at: >> >> https://anongit.mindrot.org/openssh.git/patch/?id=5b64f85bb811246c59ebab > > It was an oversight, and on most systems it has limited impact, because > repeated session connects can still be used by people to run the passwd > check ciphers at full speed. > > It affects some operating systems to a much larger degree. > > Your statements sound like advocacy. No, it was not meant as advocacy. I'm just reporting what I found out from my own tests, and tests that others have done. And even by my own reports, the default FreeBSD config does exhibit this problem. I happened to avoid it on my systems, but that was more by luck than any cleverness on my part. The original post wondered if this was some mis-timed April Fool's joke. My reply was just to say that it's a real issue, although many people won't see this issue due to the way sshd is configured on their systems. -- Garance Alistair Drosehn = dro...@rpi.edu Senior Systems Programmer or g...@freebsd.org Rensselaer Polytechnic Institute; Troy, NY; USA