[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Mar 30 12:08:50 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=701

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
OtherBugsDependingO|                            |822
              nThis|                            |
             Status|NEW                         |ASSIGNED
            Version|3.7.1p1                     |-current



------- Additional Comments From dtucker at zip.com.au  2004-03-30 12:08 -------
The current plan is to switch away from the current "without-password" to a
positive list of allowed methods, e.g.

	PermitRootLogin pubkey,hostbased,keyboard-interactive

and keep "without-password" as an alias
for something like
	"pubkey,hostbased"

One thing that isn't clear is whether or not keyboard-interactive should specify
the specific "devices", eg keyboard-interactive/pam.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list