PermitRootLogin=yes no longer lets root login

Markus Friedl markus at openbsd.org
Thu Mar 6 00:33:00 EST 2003


OpenBSD's code has
	int
	auth_password(Authctxt *authctxt, const char *password)
	{
		struct passwd * pw = authctxt->pw;

		/* deny if no user. */
		if (pw == NULL)
			return 0;
		if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
			return 0;
		if (*password == '\0' && options.permit_empty_passwd == 0)
			return 0;
	...

and this is intentional


On Thu, Jan 30, 2003 at 12:06:22AM +1100, Darren Tucker wrote:
> Hi All,
> 	While testing another patch, I found that I could not longer log in as
> root, even if PermitRootLogin was yes.  It seems to be the following
> code in auth_password:
> 
> $ cvs diff -r1.48 -r1.49 auth-passwd.c
> [snip]
>  #ifndef HAVE_CYGWIN
> -       if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
> +       if (pw->pw_uid == 0 && options.permit_root_login !=
> PERMIT_NO_PASSWD)
>                 return 0;
>  #endif
> [snip]
> 
> 	Was this intentional?
> 
> 		-Daz.
> 
> -- 
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev




More information about the openssh-unix-dev mailing list