[openssh-unix-dev] auth*.c
David Bronder
david-bronder at uiowa.edu
Thu Jan 3 12:23:56 EST 2002
mandar at webchat.chatsystems.com wrote:
>
> Dave - great to hear someone already working on this ;) Re: #1, how do you
> increment unsuccessful_login_count for non-password method failures?
Short answer: I don't. :) In practice, I found that incrementing
unsuccessful_login_count for other methods is painful, especially if
you actually _use_ unsuccessful_login_count. Not all failures of the
other methods make sense to count, at least not all the time.
> Re: /etc/nologin, why not stat() the file before calling
> loginrestrictions()?
Because OpenSSH already does /etc/nologin handling elsewhere in the
code. It doesn't seem right to add a second check for it, and it
also doesn't seem right to check for /etc/nologin on all platforms
in allowed_user() where loginrestrictions() is currently called.
=Dave
--
Hello World. David Bronder - Systems Admin
Segmentation Fault ITS-SPA, Univ. of Iowa
Core dumped, disk trashed, quota filled, soda warm. david-bronder at uiowa.edu
More information about the openssh-unix-dev
mailing list