SSH using the login binary
Damien Miller
djm at mindrot.org
Sat Sep 16 16:19:13 EST 2000
On Thu, 14 Sep 2000, Livengood, Edward wrote:
> This may not be the place to pose this question so forgive me if I
> should send this somewhere else.
>
> I have noticed that SSH2 appears to check user's password against
> the password file without executing login. We are using a security
> application that replaces the login binary to perform its own
> security checks on login, i.e.. is suspend user ids that have failed
> to use a successful password. Since SSH2 doesn't use the login
> binary that was replaced it bypasses our security product. I was
> wondering if this would be difficult to change, and if not where in
> the source code I would have to go to make such a change?
No need - just put a "UseLogin yes" in the server config file.
-d
--
| ``The power of accurate observation is | Damien Miller <djm at mindrot.org>
| commonly called cynicism by those who | @Work <djm at ibs.com.au>
| have not got it'' - George Bernard Shaw | http://www.mindrot.org
More information about the openssh-unix-dev
mailing list