tech-userlevel: Re: sshd still asks for a fake skey response

Subject: Re: sshd still asks for a fake skey response
To: Bernd Ernesti <netbsd@arresum.inka.de>
From: None <itojun@iijlab.net>
List: tech-userlevel
Date: 01/21/2001 20:19:08

>> Log Message:
>> disable s/key authentication request (from client) by default, to prevent
>> confusing fake s/key challenge to show up.
>> per recent discussion on tech-userlevel.
>I don't think that is the correct solution for this problem.
>Now I have to change all client configurations to disable the faked skey
>response from the sshd.

	in ssh/sshd, s/key authentication and unix login authentication are
	separate.  client asks for it explicitly.  for me it makes more
	sense to present fake s/key prompt, just like we present
	fake unix login prompt (or can we turn fake prompt off for both?).
	the current behavior is exactly the same as openssh in openbsd tree.
	markus told me that he would reorganize authentication handling code
	soon, but i don't think he said he will change the behavior.

itojun