[Bug 1780] New: Option to disable .k5login support
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Jun 14 17:44:58 EST 2010
https://bugzilla.mindrot.org/show_bug.cgi?id=1780
Summary: Option to disable .k5login support
Product: Portable OpenSSH
Version: 5.5p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: jchadima at redhat.com
.k5login allows a user to let others access his account w/o admin
intervention.
There are 2 potential problems in some setups.
A) Company policy that prevents account sharing
B) Access to other users credentials using social engineering
techniques to
make someone log into your account and forward you his credentials
For these reasons it would be useful if there were a sshd_config option
to
prevent sshd from using .k5login files.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list