[Bug 2861] LDAP user with public key authentication showing AUTHSTATE=compat

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu May 3 15:09:41 AEST 2018


https://bugzilla.mindrot.org/show_bug.cgi?id=2861

--- Comment #5 from Darren Tucker <dtucker at dtucker.net> ---
Comment on attachment 3147
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3147
sshd password-less authentication logs

>debug3: AIX/setauthdb set registry 'LDAP'
>debug1: AIX/loginsuccess: [...]
>debug3: aix_restoreauthdb: restoring old registry ''
[...]
>  AUTHSTATE=compat

It's calling setauthdb before all of the auth related functions and
AUTHSTATE doesn't get set, it certainly looks like it's the
authenticate() call that's setting it.

> The expectation is that the AUTHSTATE should display LDAP irrespective of authentication methods(password-less or password-based).

Why would you expect that?  You're not authenticating via LDAP in that
case.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list