Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: Steven M. Bellovin <>
From: Marton Fabo <>
List: tech-pkg
Date: 06/26/2002 21:10:52
># Change to no to disable s/key passwords
>#ChallengeResponseAuthentication yes
>which implies that they're the same option.  Or is it different on
>other versions?  I checked 3.1 and 3.3.1.

If I understood well from the sshd man page, s/key is currently the only 
implemented challenge-response authentication technique. So right now, the 
two has the same meaning, but this may change in the future, when more such 
authentication modes may become available.