[Bug 712] ssh does not properly utilize OS specified authentication methods on AIX

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Sep 24 15:02:24 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=712

           Summary: ssh does not properly utilize OS specified
                    authentication methods on AIX
           Product: Portable OpenSSH
           Version: -current
          Platform: PPC
        OS/Version: AIX
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Miscellaneous
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: phoenix at internetstatic.com


AIX allows for the possibility of using other authentication methods to login to
the system in any user definition, which are specified by auth1 and auth2.  An
auth field set to SYSTEM refers to the internal, normal shadow passworded files
on the system.  However, other methods can be specified under
/etc/security/login.cfg, and ssh ignores these.  If one of these methods is in
use, ssh allows a single space, or even any key sequence to allow anyone to
access the account.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list