On Wednesday 12 February 2003 5:44, BSD baby wrote:
I install OpenSSH like this:
cd /usr/ports/security/openssh-portable
make -DOPENSSH_OVERWRITE_BASE install
That puts things here:
/usr/bin/ssh
/usr/sbin/sshd
/etc/ssh/sshd_config
BUT... it seems to be IGNORING the sshd_config!
TWO major security holes:
#1 - It won't let me turn off passwords
(PasswordAuthentication no)
#2 - It only requires I type the first 8 characters
of my password! (I use 16-character password.)
I don't have these problems on OpenBSD.
Any idea why they would be on FreeBSD?
They shouldn't. Why are you using the ported version though? The version
included in base is in many cases more secure than the version from ports,
and it's been checked and poked with a stick by FreeBSD coders to make sure
every thing is compatible, not to mention that it's properly PAMified
(which the ports one doesn't seem to be)
If you must have the latest version, rather get it from base and while
you're at it, upgrade the rest of base too. Install the sources in /usr/src
and use cvsup (in ports) to get the latest source, then follow instructions
in /usr/src/UPDATING to upgrade your system.
Will
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message
--
Willie Viljoen
Freelance IT Consultant
214 Paul Kruger Avenue, Universitas
Bloemfontein
9321
South Africa
+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)
[EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message