[Bug 1322] New: pam_end() is not called if authentication fails, which breaks pam-abl

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Jun 18 05:40:52 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=1322

           Summary: pam_end() is not called if authentication fails, which
                    breaks pam-abl
           Product: Portable OpenSSH
           Version: 4.6p1
          Platform: Other
               URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: PAM support
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: kreiger at linuxgods.com


Pam-abl (http://www.hexten.net/wiki/index.php/Pam_abl) is a PAM module
that automatically blacklists hosts or users after a given number of
failed authentication attempts.

It relies on pam_end() being called by the pam application, and this is
not done by sshd for failed authentication attempts.

This is debian bug 405041, and i have confirmed that applying the patch
found at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405041 makes
pam-abl work again.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list