OpenSSH 2.3.0p1 port to BSDI BSD/OS
David J. MacKenzie
djm at web.us.uu.net
Sat Feb 17 09:30:34 EST 2001
> > That ignores any style specified by the user.
>
> it does not, see below.
It ignores some styles, then.
I applied it to the openssh_cvs tree from
:pserver:cvs at bass.directhit.com:/cvs
and here's what happened.
I'll use our actual situation, though it's more complicated.
We have a locally written /usr/libexec/login_krb5 and in
/etc/login.conf our "default" entry has:
:auth=krb5,kerberos,passwd,activ,crypto,skey:\
The only styles we really use are krb5 and passwd, though,
that doesn't matter.
After installing your patch and restarting sshd, I tried
"ssh -l djm:passwd" to that host, and it only accepted my
krb5 password, not my master.passwd one. "ssh -l djm:foo"
had the same effect, instead of rejecting all passwords.
With the patch I submitted, "-l djm:passwd" and "-l djm:krb5"
only accept the master.passwd and krb5 passwords respectively,
and "-l djm:foo" accepts neither.
> any other problem?
I don't see any.
More information about the openssh-unix-dev
mailing list