diff --git a/ChangeLog b/ChangeLog
index 95697dfcc..6b4615fe5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+20010120
+ - (bal) OpenBSD Resync
+   - markus@cvs.openbsd.org 2001/01/19 12:45:26
+     [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
+     only auth-chall.c needs #ifdef SKEY
+
 20010119
  - (djm) Update versions in RPM specfiles
  - (bal) OpenBSD Resync
diff --git a/auth-chall.c b/auth-chall.c
index e02e99d36..e99ddb39f 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -23,12 +23,14 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-chall.c,v 1.1 2001/01/18 17:12:43 markus Exp $");
+RCSID("$OpenBSD: auth-chall.c,v 1.2 2001/01/19 12:45:26 markus Exp $");
 
 #include "ssh.h"
 #include "auth.h"
 
 #ifdef SKEY
+#include <skey.h>
+
 char *
 get_challenge(Authctxt *authctxt, char *devs)
 {
diff --git a/auth1.c b/auth1.c
index 2df2de897..b480fdbec 100644
--- a/auth1.c
+++ b/auth1.c
@@ -322,7 +322,7 @@ do_authloop(Authctxt *authctxt)
 			fatal("INTERNAL ERROR: authenticated invalid user %s",
 			    authctxt->user);
 
-#ifdef HAVE_CYGWIN		/* ISSUE: Right place? */
+#ifdef HAVE_CYGWIN		
 		if (authenticated && 
 		    !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD,pw->pw_uid)) {
 			packet_disconnect("Authentication rejected for uid %d.",
diff --git a/servconf.c b/servconf.c
index 544bb340e..801267b48 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.58 2001/01/18 16:20:22 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.59 2001/01/19 12:45:26 markus Exp $");
 
 #include "ssh.h"
 #include "servconf.h"
@@ -61,9 +61,7 @@ initialize_server_options(ServerOptions *options)
 #endif
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
-#ifdef SKEY
 	options->skey_authentication = -1;
-#endif
 	options->permit_empty_passwd = -1;
 	options->use_login = -1;
 	options->allow_tcp_forwarding = -1;
@@ -157,10 +155,8 @@ fill_default_server_options(ServerOptions *options)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
 		options->kbd_interactive_authentication = 0;
-#ifdef SKEY
 	if (options->skey_authentication == -1)
 		options->skey_authentication = 1;
-#endif
 	if (options->permit_empty_passwd == -1)
 		options->permit_empty_passwd = 0;
 	if (options->use_login == -1)
@@ -189,9 +185,7 @@ typedef enum {
 #ifdef AFS
 	sKerberosTgtPassing, sAFSTokenPassing,
 #endif
-#ifdef SKEY
 	sSkeyAuthentication,
-#endif
 	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
 	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
 	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
@@ -233,9 +227,7 @@ static struct {
 #endif
 	{ "passwordauthentication", sPasswordAuthentication },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
-#ifdef SKEY
 	{ "skeyauthentication", sSkeyAuthentication },
-#endif
 	{ "checkmail", sCheckMail },
 	{ "listenaddress", sListenAddress },
 	{ "printmotd", sPrintMotd },
@@ -530,11 +522,9 @@ parse_flag:
 			intptr = &options->check_mail;
 			goto parse_flag;
 
-#ifdef SKEY
 		case sSkeyAuthentication:
 			intptr = &options->skey_authentication;
 			goto parse_flag;
-#endif
 
 		case sPrintMotd:
 			intptr = &options->print_motd;
diff --git a/servconf.h b/servconf.h
index 532b22f6e..ea0694905 100644
--- a/servconf.h
+++ b/servconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: servconf.h,v 1.33 2001/01/08 22:29:05 markus Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.34 2001/01/19 12:45:27 markus Exp $"); */
 
 #ifndef SERVCONF_H
 #define SERVCONF_H
@@ -80,10 +80,8 @@ typedef struct {
 	int     password_authentication;	/* If true, permit password
 						 * authentication. */
 	int     kbd_interactive_authentication;	/* If true, permit */
-#ifdef SKEY
 	int     skey_authentication;	/* If true, permit s/key
 					 * authentication. */
-#endif
 	int     permit_empty_passwd;	/* If false, do not permit empty
 					 * passwords. */
 	int     use_login;	/* If true, login(1) is used */
diff --git a/ssh.h b/ssh.h
index 9c487a398..736d1dd65 100644
--- a/ssh.h
+++ b/ssh.h
@@ -12,7 +12,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: ssh.h,v 1.58 2001/01/18 16:20:22 markus Exp $"); */
+/* RCSID("$OpenBSD: ssh.h,v 1.59 2001/01/19 12:45:27 markus Exp $"); */
 
 #ifndef SSH_H
 #define SSH_H
@@ -549,12 +549,6 @@ int     radix_to_creds(const char *buf, CREDENTIALS * creds);
 
 #endif				/* KRB4 */
 
-#ifdef SKEY
-#include <skey.h>
-char   *skey_fake_keyinfo(char *username);
-int	auth_skey_password(struct passwd * pw, const char *password);
-#endif				/* SKEY */
-
 /* AF_UNSPEC or AF_INET or AF_INET6 */
 extern int IPv4or6;
 
diff --git a/sshd.c b/sshd.c
index 7f9c3ee7f..9eaf312dc 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.152 2001/01/18 16:20:22 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.153 2001/01/19 12:45:27 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1250,10 +1250,8 @@ do_ssh1_kex(void)
 	if (options.afs_token_passing)
 		auth_mask |= 1 << SSH_PASS_AFS_TOKEN;
 #endif
-#ifdef SKEY
 	if (options.skey_authentication == 1)
 		auth_mask |= 1 << SSH_AUTH_TIS;
-#endif
 	if (options.password_authentication)
 		auth_mask |= 1 << SSH_AUTH_PASSWORD;
 	packet_put_int(auth_mask);