On Wednesday, July 22, 2015 4:32 PM, Ron Frederick wrote: > You need to disable “ChallengeResponse” (aka keyboard-interactive) authentication, not password authentication, to protect against this attack. Thank you, Ron. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev