Subject: Re: openssh s/key issue (Was: Re: rfd2228 in ftpd)
To: Robert Elz <kre@munnari.OZ.AU>
From: Simon J. Gerraty <>
List: tech-security
Date: 07/07/2002 21:28:50
>But, even if enabled, why would the system, send a challenge if there are
>no uses on the system using s/key (skeykeys is empty)?   And if no challenge
>is ever sent, surely no response would ever be parsed?

I haven't checked 3.4 but in earlier versions I've disabled the silly
fake s/key challenges that openssh did.  I say "silly" because it only
takes a couple of tests to verify that they are fake challenges so they
serve no purpose other than to confuse the unaware - whom they are presumably
not inteneded to protect against :-)

Anyway, if openssh is still doing fake challenges, then it will indeed
get responses.