[Bug 1696] New: output an error message when an account is locked
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Jan 11 06:34:15 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1696
Summary: output an error message when an account is locked
Product: Portable OpenSSH
Version: 5.2p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: vincent at vinc17.org
On an account with no password ("user" on a Nokia N900), I set up RSA
authentication, but ssh still asked me a password. After looking at
sshd debug messages on the N900 (server from OpenSSH 5.1p1), I saw that
this was because the account was locked. This surprised me because
there is no such behavior with OpenSSH 4.7p1 on the N810. In fact I
wasn't aware of the notion of locked accounts for ssh until now.
So, I think it would be better for the end user if ssh output an error
message saying that the account is locked instead of asking a password.
Or would that be a security problem? If yes, even if the server checks
that the public key is authorized and outputs the error message only in
this case?
Also, though the sshd(8) man page has a paragraph about locked
accounts, there's nothing in the ssh(1) man page.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list