[Bug 1322] New: pam_end() is not called if authentication fails, which breaks pam-abl
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Jun 18 05:40:52 EST 2007
http://bugzilla.mindrot.org/show_bug.cgi?id=1322
Summary: pam_end() is not called if authentication fails, which
breaks pam-abl
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: PAM support
AssignedTo: bitbucket at mindrot.org
ReportedBy: kreiger at linuxgods.com
Pam-abl (http://www.hexten.net/wiki/index.php/Pam_abl) is a PAM module
that automatically blacklists hosts or users after a given number of
failed authentication attempts.
It relies on pam_end() being called by the pam application, and this is
not done by sshd for failed authentication attempts.
This is debian bug 405041, and i have confirmed that applying the patch
found at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041 makes
pam-abl work again.
--
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list