"David O'Brien" <[EMAIL PROTECTED]> writes: > Something is still very wrong: > > ssh foo@releng4 > otp-md5 350 re9786 ext > S/Key Password: > otp-md5 134 re2584 ext > S/Key Password: > otp-md5 417 re5381 ext > S/Key Password: > otp-md5 198 re2571 ext > S/Key Password: > > Uh, why does my sequence keep changing when I just hit <return>???
Because it's generating fake S/Key challenges, and badly. > And this will not accept my Unix password until I enter garbage _3_ times, > then I finally get a Unix password prompt. > > Hello, DES? Have you seen this thread? No, I haven't seen it, but I've had similar reports. It's actually a bug on the server side, in older OpenSSH servers, that is exposed by newer OpenSSH clients. I haven't yet determined a correct client-side solution, but a workaround is to disable S/Key authentication for those hosts where you don't actually want to use it, by adding the following to ~/.ssh/config: Host foo bar baz SKeyAuthentication no OpenSSH 3.1 servers on -CURRENT will DTRT since they use PAM. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message