openssh-2.9p1 bug: loginfailed() with AIX 4.3.3

K.Wolkersdorfer at fz-juelich.de
Thu May 17 01:56:46 EST 2001


Hi,

First let me thank you for all the excellent work with openssh!

Bug-Description (for AIX - current release 4.3.3 - only):

  During password-authentication if a user enters a wrong
  password, the failed attempt is not at all recorded in
  /etc/security/lastlog, although the loginfailed()
  subroutine in auth1.c is supposed to do that.

Suggestion:

  In AIX the loginfailed() subroutine should be called
  if and only if the user enters a wrong password.
  From man loginfailed:
  ..."A login failure audit record is cut to indicate that
   an unsuccessful login attempt occurred. A utmp entry
   is appended to /etc/security/failedlogin file,
   which tracks all failed login attempts." ...

  So it seems that in auth1.c the loginfailed() subroutine
  is in the wrong place. It should be immediately after
  the password-authentication.

Bug-Fix:

  The following fix works for us:
------------------------------------------------------------------------
  diff auth1.c.orig auth1.c
266a267,272
> #ifdef WITH_AIXAUTHENTICATE
>                         if (!authenticated)
>                         loginfailed(authctxt->user,
>                         get_canonical_hostname(options.reverse_mapping_check),
>                           "ssh");
> #endif /* WITH_AIXAUTHENTICATE */
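
Review bot: the `if (!authenticated)` added at 267 has no braces, and its body, the three-line `loginfailed(...)` call, starts in the same column as the `if`, so the guard reads as if it controlled nothing. Please wrap the call in `{ ... }` and indent it one level, so a later edit cannot detach the call from the condition and record failures for successful logins. This is also a context-free diff, so it is not visible which authentication case the lines land in or whether `authenticated` can still change after this point; resending it as `diff -u` would let the placement be checked.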
346,350d351
< #ifdef WITH_AIXAUTHENTICATE
<                       loginfailed(authctxt->user,
<                         get_canonical_hostname(options.reverse_mapping_check),
<                           "ssh");
< #endif /* WITH_AIXAUTHENTICATE */
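
Review bot: the `loginfailed()` call removed at 346-350 was unconditional, and nothing is left in its place, so any failure path that used to reach this point without going through the new `if (!authenticated)` call at 267 will no longer produce a failed-login record. Please confirm which paths reach line 346 (the diff shows no surrounding context) and add a short comment at the new call site stating that only wrong-password attempts are meant to be recorded, so the narrower audit coverage is a documented choice rather than a side effect.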
-------------------------------------------------------------------------

Many thanks for your attention and best regards from Germany

Klaus

-- 
Klaus Wolkersdorfer                     (K.Wolkersdorfer at fz-juelich.de)
Zentralinstitut fuer Angewandte Mathematik (ZAM)  Tel: +49-2461-61-6579
John von Neumann - Institute for Computing (NIC)  Fax:            -6656
Forschungszentrum Juelich GmbH, D-52425 Juelich,  Germany



More information about the openssh-unix-dev mailing list