[Bug 503] New: Password is echoed when running passwd via ssh
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Mar 8 01:48:53 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=503
Summary: Password is echoed when running passwd via ssh
Product: Portable OpenSSH
Version: 3.4p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: kj at uue.org
client and server systems are RedHat 7.2 with openssh-3.1p1-6. When running "ssh
<otherhost> passwd <username>", the password is visible on the console:
[root at host1 root]# ssh host2 passwd user1
New password: <password visible here!>
Retype new password: <password visible here!>
Changing password for user user1
passwd: all authentication tokens updated successfully
I also ran tests with v3.4p1 on RedHat 8.0 as well as with and without public
key authentication, where this problem also occured.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-unix-dev
mailing list