[Bug 2475] New: Login failure when PasswordAuthentication, ChallengeResponseAuthentication, and PermitEmptyPasswords are all enabled
bugzilla-daemon at bugzilla.mindrot.org
Tue Sep 29 05:39:38 AEST 2015
https://bugzilla.mindrot.org/show_bug.cgi?id=2475
Bug ID: 2475
Summary: Login failure when PasswordAuthentication, ChallengeResponseAuthentication, and PermitEmptyPasswords are all enabled
Product: Portable OpenSSH
Version: 7.1p1
Hardware: ix86
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jbjjbjbb at yahoo.com
Login fails with "Write failed: Broken pipe" when all three of these
settings are enabled:
PasswordAuthentication=yes
ChallengeResponseAuthentication=yes
PermitEmptyPasswords=yes
If any of the three settings is disabled, login succeeds.
Note that I am not using an empty password, but
PermitEmptyPasswords needs to be enabled to cause the failure.
Originally seen on an embedded Linux system running version 7.1p1, but
have reproduced on Ubuntu 14.04 / OpenSSH-6.6.1p1 and RHEL6.5 /
OpenSSH-5.3p1.
Used the following command lines to reproduce on the Linux systems:
Server:
/usr/sbin/sshd -Dddd -p 44444 -oPasswordAuthentication=yes -oChallengeResponseAuthentication=yes -opermitemptypasswords=yes
debug1: PAM: establishing credentials
PAM: pam_setcred(): Failure setting user credentials
debug1: do_cleanup
debug3: PAM: sshpam_thread_cleanup entering
Client:
ssh -vvv localhost -oPubkeyAuthentication=no -p 44444 -l xxxx
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to localhost ([127.0.0.1]:44444).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
Write failed: Broken pipe
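A configuration check for the option combination this report describes, as an added example that is not part of the original report or of OpenSSH: it reads sshd_config text with case-insensitive keywords and first-value-wins handling, and treats -o arguments as read before the file. The function names, the sample configuration and the default values are assumptions.

```python
import re

# Assumed upstream defaults for the versions named in the report;
# distribution packages may ship different ones.
DEFAULTS = {
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
    "permitemptypasswords": "no",
}

def effective_global(config_text, cli_opts=()):
    """Effective global values of the three keywords (hypothetical helper).

    cli_opts are -o arguments; they are read before the file, and sshd keeps
    the first value it obtains for each keyword.
    """
    seen = {}
    for raw in list(cli_opts) + config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # sshd accepts both "Keyword value" and "Keyword=value".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break  # Match blocks are conditional and are not evaluated here
        if key in DEFAULTS and len(parts) == 2 and parts[1]:
            seen.setdefault(key, parts[1].split()[0].strip('"').lower())
    return {k: seen.get(k, d) for k, d in DEFAULTS.items()}

def has_bug2475_combination(config_text, cli_opts=()):
    """True when all three options from the report are enabled together."""
    return all(v == "yes" for v in effective_global(config_text, cli_opts).values())

# Constructed sample configuration, not taken from the report.
SAMPLE = """\
PasswordAuthentication yes
permitemptypasswords=no
PermitEmptyPasswords yes
Match User guest
    PermitEmptyPasswords yes
"""

if __name__ == "__main__":
    print(has_bug2475_combination(SAMPLE))
    print(has_bug2475_combination(SAMPLE, ["permitemptypasswords=yes"]))
```

Include directives are not followed and Match blocks are skipped, so a hit or miss applies to the global section only.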