[Bug 712] ssh does not properly utilize OS specified authentication methods on AIX

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jan 23 16:09:48 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=712

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
OtherBugsDependingO|                            |793
              nThis|                            |
             Status|NEW                         |ASSIGNED



------- Additional Comments From dtucker at zip.com.au  2004-01-22 22:09 -------
This is specific to the account configuration.  Without going into too much
detail, the problem is this:  The accounts were configured with the following
AIX authentication settings:

SYSTEM=none
auth1=somemodule
auth2=none

The problem is sshd uses AIX's authenticate() function, which knows only SYSTEM,
not auth1 or auth2 (AFAIK those are the domain of ckuserID() which is documented
as obsolete, and would be very difficult to support sanely in sshd anyway).

I think the best sshd can do in this case is to detect an unsupportable
authentication configuration (currently my best guess is SYSTEM=NONE && auth1 !=
NONE, feedback wanted!) and deny the login.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list