Root cause established: A firewall appliance was replaced, and an error installing the replacement meant it wasn't receiving rule updates. So, no action at all needed by OpenSSH. Thanks, and sorry for the false alarm. mathew On Mon Feb 09 2015 at 4:42:25 PM mathew <meta@xxxxxxxxx> wrote: > More info: We've checked firewall logs, and it seems to be a firewall rule > designed to prevent sessions which are subject to the bug detailed at < > http://archives.neohapsis.com/archives/bugtraq/2002-06/0294.html>. > > I've tried explicitly setting PAMAuthenticationViaKBDInt no, > KbdInteractiveAuthentication no and UsePrivilegeSeparation yes in > sshd_config, but the problem still occurs, so I think the firewall rule is > buggy. > > So, doesn't seem to be an OpenSSH problem per se, but I'll follow up with > anything more I discover in case other people encounter the issue -- it's > possible that the rule in question is deployed quite widely. > > > mathew > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev