SSH using the login binary

Livengood, Edward Edward.Livengood at CommerceBank.com
Fri Sep 15 08:40:42 EST 2000


This may not be the place to pose this question so forgive me if I should
send this somewhere else.

I have noticed that SSH2 appears to check user's password against the
password file without executing login.  We are using a security application
that replaces the login binary to perform its own security checks on login,
i.e.. is suspend user ids that have failed to use a successful password.
Since SSH2 doesn't use the login binary that was replaced it bypasses our
security product.  I was wondering if this would be difficult to change, and
if not where in the source code I would have to go to make such a change?

Ed
Information Security






More information about the openssh-unix-dev mailing list