On Wednesday 12 February 2003 5:44, BSD baby wrote:
> I install OpenSSH like this:
> cd /usr/ports/security/openssh-portable
> make -DOPENSSH_OVERWRITE_BASE install
> That puts things here:
> BUT... it seems to be IGNORING the sshd_config!
> TWO major security holes:
> #1 - It won't let me turn off passwords
> (PasswordAuthentication no)
> #2 - It only requires I type the first 8 characters
> of my password! (I use 16-character password.)
> I don't have these problems on OpenBSD.
> Any idea why they would be on FreeBSD?
They shouldn't. Why are you using the ported version though? The version
included in base is in many cases more secure than the version from ports,
and it's been checked and poked with a stick by FreeBSD coders to make sure
every thing is compatible, not to mention that it's properly PAMified
(which the ports one doesn't seem to be)
If you must have the latest version, rather get it from base and while
you're at it, upgrade the rest of base too. Install the sources in /usr/src
and use cvsup (in ports) to get the latest source, then follow instructions
in /usr/src/UPDATING to upgrade your system.
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questions" in the body of the message
Freelance IT Consultant
214 Paul Kruger Avenue, Universitas
+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message