SSH Bug 3.5p1 Expired Passwords

Frank Beckmann Frank.Beckmann at vodafone.com
Wed Oct 16 23:20:01 EST 2002


Hello

in the new Openssh 3.5p1 is the sam Bug as in the 3.4p1 :-(
When a User try to login with a expired Passwort, SSH denys the Acces to the System

fbeckman at zvadmxz:/home/fbeckman # ssh -v fbeckman at xy
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to webmann [129.8.140.69] port 22.
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /.ssh/identity type 0
debug1: identity file /.ssh/id_rsa type 1
debug1: identity file /.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1
debug1: match: OpenSSH_3.5p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'xy' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh_known_hosts:1662
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/.ssh/identity'
debug1: Server refused our key.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.
fbeckman at xy's password:
Permission denied, please try again.
fbeckman at xy's password:
Permission denied, please try again.
fbeckman at xy's password:
Permission denied.
debug1: Calling cleanup 0x43804(0x0)

--------------------------------------------------------------------------------

The old 3.1.p1 was better look here:

fbeckman at zvadmxy:/home/fbeckman # ssh -v fbeckman at xyz
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090605f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to webmann [139.7.180.69] port 22.
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /.ssh/identity type 0
debug1: identity file /.ssh/id_rsa type 1
debug1: identity file /.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'xyz' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh_known_hosts:1662
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: RSA authentication using agent refused.
debug1: Trying RSA authentication with key '/.ssh/identity'
debug1: Server refused our key.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.
fbeckman at xyz's password:
debug1: Requesting pty.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: fd 4 setting TCP_NODELAY
debug1: Requesting shell.
debug1: Entering interactive session.
Warning: Your password has expired, please change it now
Enter login password:
New password:
Re-enter new password:
sshd (SYSTEM): passwd successfully changed for fbeckman
Last login: Wed Oct 16 15:12:13 2002 from xvy

Greetings from Germany

Frank Beckmann
-- 
Frank	Beckmann
Abt. 	TOIU
Tel: 	0211 533-5758
Fax:	0211 533-1451
Mail	Frank.Beckmann at vodafone.com




More information about the openssh-unix-dev mailing list