Subject: Re: OpenSSH Priv Sep and Remote Exploit?
To: None <firstname.lastname@example.org>
From: Jeremy C. Reed <email@example.com>
Date: 06/26/2002 09:44:11
> > Can anyone quickly explain the challenge response based methods?
> > I use conventional password authentication or PubkeyAuthentication, so I
> > wonder if this ChallengeResponseAuthentication is even needed.
> e.g. S/Key and BSD_AUTH, so unless you use one of them (NetBSD doesn't
> support BSD_AUTH afaik), you can safely disable it. Challenge method
> means that you need to answer something back to a given question, e.g.
> type OTP in S/Key negotiation.
Thank you Seth K. and Lubomir for the explanations. (I already understand
what it means generically. I guess I was just wondering if I ever needed
or used ChallengeResponseAuthentication in the first place.)
Jeremy C. Reed