Our little home network:
ISP -> ROUTER -> SWITCH -> WIFI APs -> CLIENTS
ROUTER: OpenBSD 6.5, giving DHCP+fwing internet to the WIFI APs. Based on
https://www.openbsd.org/faq/pf/example1.html#pf and
https://www.openbsd.org/faq/pf/example1.html#dhcp
CLIENTS: laptops, smartphones.
So everything
> Sent: Wednesday, December 18, 2019 at 9:49 PM
> From: "Bodie"
> To: misc@openbsd.org, owner-m...@openbsd.org
> Subject: Re: Why isn't ChallengeResponseAuthentication NO in sshd_config?
>
>
>
> On 18.12.2019 18:48, lu hu wrote:
> > Hello,
> >
&g
Hello,
# what am I talking about?
https://man.openbsd.org/sshd_config#ChallengeResponseAuthentication
ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed. All
authentication styles from login.conf(5) are supported. The
Hello,
nobody about the $subject? :)
Why isn't ChallengeResponseAuthentication NO in sshd_config by default?
It would be more secure, afaik.
Many thanks.
> Sent: Thursday, December 19, 2019 at 7:58 PM
> From: "lu hu"
> To: misc@openbsd.org
>
rdr-to works perfectly! my hair is droppng off from the speed, without
ADs :) Many thanks. Wishing a great year-end for everybody!! Sent: Thursday,
December 19, 2019 at 8:50 PM
From: "Anthony O' Brien"
To: "lu hu"
Cc: misc@openbsd.org
Subject: Re: OpenBSD pf - redirect all
n
OpenSSH + OpenBSD.
Many thanks.
> Sent: Sunday, December 29, 2019 at 6:07 PM
> From: "lu hu"
> To: misc@openbsd.org
> Subject: Re: Why isn't ChallengeResponseAuthentication NO in sshd_config?
>
> Hello:
>
> 66# grep -i challenge /etc/ssh/sshd_config
>
Hello?
https://www.openiked.org/ is still down.
Thanks.
> Sent: Tuesday, January 07, 2020 at 8:27 PM
> From: "lu hu"
> To: direct...@openbsdfoundation.org
> Subject: Fw: Re: openiked.org down?
>
> Hello,
>
> can you please help to bring back
>
> https:
Hello,
did anyone noticed that the https://openiked.org/ is down?
NO "A" record is associated with the domain?
Thanks for any infos.
m I posting to the wrong list?
Really Many Thanks.
Happy New Year!
> Sent: Monday, December 23, 2019 at 1:58 PM
> From: "Jan Betlach"
> To: "lu hu"
> Cc: misc@openbsd.org
> Subject: Re: Why isn't ChallengeResponseAuthentication NO in sshd_config?
&g
Hello,
I was using 6.5 on a desktop PC.
I did a sysupgrade, but after the blue boot text, I only get black/blank screen.
I don't think it is just the screen, since I cannot reach it via network.
I booted the 6.6 bsd.rd then did a clean install with 6.6. The same issue.
I downloaded the 6.5
fuck I did a typo, sorry, I wanted to write:
66# sshd -T|grep -i permitr
permitrootlogin without-password
66#
really sorry.
But the issue is still there. man page says there should be prohibit-password
and not without-password
> Sent: Sunday, January 05, 2020 at 3:07 PM
> From:
Hello,
any thoughts anyone?
> Sent: Sunday, December 29, 2019 at 6:07 PM
> From: "lu hu"
> To: misc@openbsd.org
> Subject: Re: Why isn't ChallengeResponseAuthentication NO in sshd_config?
>
> Hello:
>
> 66# grep -i challenge /etc/ssh/sshd_config
> #Cha
yes!
> Sent: Sunday, January 05, 2020 at 3:00 PM
> From: "Robert Klein"
> To: misc@openbsd.org
> Subject: Re: sshd_config#PermitRootLogin typo
>
> On Sun, 5 Jan 2020 14:47:15 +0100
> "lu hu" wrote:
>
> > Hello,
> >
> &g
TY SECTION:
> openiked.org. 2496IN SOA
> a.ns.bsws.de. noc.bsws.de. 1577745128 1 3600 604800 86400
>
> ;; Query time: 0 msec
> ;; SERVER: 10.0.5.5#53(10.0.5.5)
> ;; WHEN: Tue Dec 31 15:14:22 2019
> ;; MSG SIZE rcvd: 82
>
> On Tue,
Hello,
http://man.openbsd.org/sshd_config#PermitRootLogin
says
...The default is prohibit-password.
If this option is set to prohibit-password (or its deprecated alias,
without-password), password and keyboard-interactive authentication are
disabled for root.
SO:
if I remove the
Hello,
used https://www.sshaudit.com/ + ssh-audit package
###
by default OpenBSD 6.6 ssh client (SSH-2.0-OpenSSH_8.1) has issues:
Host Key Types: nistp should be removed
Key Exchange Algorithms: nistp should be removed, also
diffie-hellman-group14-sha1: SHA-1 has
16 matches
Mail list logo