SSH using the login binary
Gregory Leblanc
GLeblanc at cu-portland.edu
Fri Sep 15 09:07:35 EST 2000
> -----Original Message-----
> From: Livengood, Edward [mailto:Edward.Livengood at CommerceBank.com]
>
> This may not be the place to pose this question so forgive me
> if I should
> send this somewhere else.
>
> I have noticed that SSH2 appears to check user's password against the
> password file without executing login. We are using a
> security application
> that replaces the login binary to perform its own security
> checks on login,
> i.e.. is suspend user ids that have failed to use a
> successful password.
> Since SSH2 doesn't use the login binary that was replaced it
> bypasses our
> security product. I was wondering if this would be difficult
> to change, and
> if not where in the source code I would have to go to make
> such a change?
Now I'm not an expert, bus isn't this what the "UseLogin" parameter in
sshd_config is supposed to do? The man page for sshd has more information.
Greg
More information about the openssh-unix-dev
mailing list