SCO OpenServer password issue
Roger Cornelius
rac at tenzing.org
Thu Jan 3 06:34:27 EST 2002
If SCO OpenServer is configured for large passwords, i.e. u_pwseg is
greater than 1 in /etc/auth/system/default, then user authentication in
auth-passwd.c will fail for users whose passwords are longer than 8
characters. The "traditional" level of security installs with
u_pwseg#1, so most users would never encounter this problem. This has
been an issue in openssh since I started using it several versions ago.
The fix is to use bigcrypt() rather than crypt() for OpenServer.
bigcrypt() works in all cases I believe, regardless of password size or
u_pwseg setting. Below is a patch to auth-passwd.c which corrects the
problem.
I subscribed to the openssh-unix-dev list just today to receive any
replies/comments to this post. Apologies if this has been addressed
before.
man default(F), prpw(F), secdefs(ADM)
*** auth-passwd.c-orig Wed Jul 4 00:21:15 2001
--- auth-passwd.c Wed Jan 2 14:17:21 2002
***************
*** 212,218 ****
--- 212,222 ----
else
encrypted_password = crypt(password, salt);
# else
+ # ifdef HAVE_SCO_PROTECTED_PW
+ encrypted_password = bigcrypt(password, salt);
+ # else
encrypted_password = crypt(password, salt);
+ # endif /* HAVE_SCO_PROTECTED_PW */
# endif /* __hpux */
#endif /* HAVE_MD5_PASSWORDS */
--
Roger Cornelius rac at tenzing.org
More information about the openssh-unix-dev
mailing list