diff options
author | Mark Johnston <markj@FreeBSD.org> | 2022-03-01 13:54:55 +0000 |
---|---|---|
committer | Mark Johnston <markj@FreeBSD.org> | 2022-03-01 13:54:55 +0000 |
commit | c1b656ac55eca1fc191225bd715b31ff25be9031 (patch) | |
tree | ae55e187d7b205faa72d7de76e7e0bb85ef344d2 /release | |
parent | 4be7d087c2b566f4910683836be279d55c1a81c6 (diff) | |
download | src-c1b656ac55eca1fc191225bd715b31ff25be9031.tar.gz src-c1b656ac55eca1fc191225bd715b31ff25be9031.zip |
release: Remove references to ChallengeResponseAuthentication
This sshd_config keyword was replaced by KbdInteractiveAuthentication in
openssh 8.7, though ChallengeResponseAuthentication is silently accepted
as an alias. However, this means that the code in ec2.conf which
modifies a commented-out line no longer does anything. Apply a minimal
fix.
Reviewed by: cperciva, emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34400
Diffstat (limited to 'release')
-rw-r--r-- | release/tools/ec2.conf | 5 | ||||
-rw-r--r-- | release/tools/gce.conf | 2 |
2 files changed, 3 insertions, 4 deletions
diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf index f0665646088b..5be4937379a0 100644 --- a/release/tools/ec2.conf +++ b/release/tools/ec2.conf @@ -122,10 +122,9 @@ EOF # historical "nvd" driver. echo 'hw.nvme.use_nvd="0"' >> ${DESTDIR}/boot/loader.conf - # Disable ChallengeResponseAuthentication according to EC2 - # requirements. + # Disable KbdInteractiveAuthentication according to EC2 requirements. sed -i '' -e \ - 's/^#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' \ + 's/^#KbdInteractiveAuthentication yes/KbdInteractiveAuthentication no/' \ ${DESTDIR}/etc/ssh/sshd_config # Use FreeBSD Update and Portsnap mirrors hosted in AWS diff --git a/release/tools/gce.conf b/release/tools/gce.conf index 745477f0bc8e..74e7455cb9dd 100644 --- a/release/tools/gce.conf +++ b/release/tools/gce.conf @@ -70,7 +70,7 @@ EOF EOF cat << EOF >> ${DESTDIR}/etc/ssh/sshd_config -ChallengeResponseAuthentication no +KbdInteractiveAuthentication no X11Forwarding no AcceptEnv LANG AllowAgentForwarding no |