diff options
| author | Glen Barber <gjb@FreeBSD.org> | 2017-07-28 18:27:30 +0000 |
|---|---|---|
| committer | Glen Barber <gjb@FreeBSD.org> | 2017-07-28 18:27:30 +0000 |
| commit | 5941ae31e0de0475d93d6a9dd70155cb8e6b08d1 (patch) | |
| tree | a083e8ca2265c866b1dd3f9dc45a27525bd30f6b | |
| parent | 4b5e2f8ea05ad1f9f8510cff54e3b08e925263fa (diff) | |
| download | src-5941ae31e0de0475d93d6a9dd70155cb8e6b08d1.tar.gz src-5941ae31e0de0475d93d6a9dd70155cb8e6b08d1.zip | |
Turn off ChallengeResponseAuthentication for EC2 AMIs, one of EC2's
requirements.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Notes
Notes:
svn path=/head/; revision=321659
| -rw-r--r-- | release/tools/ec2.conf | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf index 4a7a1e809ec7..e5379ea8e077 100644 --- a/release/tools/ec2.conf +++ b/release/tools/ec2.conf @@ -81,6 +81,12 @@ vm_extra_pre_umount() { # Load the kernel module for the Amazon "Elastic Network Adapter" echo 'if_ena_load="YES"' >> ${DESTDIR}/boot/loader.conf + # Disable ChallengeResponseAuthentication according to EC2 + # requirements. + sed -i '' -e \ + 's/^#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' \ + ${DESTDIR}/etc/ssh/sshd_config + # The first time the AMI boots, the installed "first boot" scripts # should be allowed to run: # * ec2_configinit (download and process EC2 user-data) |