3.6.1p2, Spurious PAM failure messages WITH "PermitEmptyPasswords no", and a (micro) fix

Frank Cusack fcusack at fcusack.com
Thu May 8 05:59:52 EST 2003

On Wed, May 07, 2003 at 10:01:03AM -0500, Douglas E. Engert wrote:
> Is this related to the problem I still see on the HP_UX 11.0 with 
> PAM when the password=""


> The HP pam module failes. So I added back
> the check for password == '\0' in auth-pam.c and everything works now.
> It is still not clear why a password="" is being passed to PAM, 
> other then to have the PAM exits get a look at the login. 

In a few days, I'll post a summary of how I think the PAM flow should go,
along with a patch to make that happen.  (I have to extract the patch from
my other local-isms.)  Solar Designer has at least some of the same
thoughts I did, but doesn't go "all the way".  (The Solar Designer
stuff made its way into 3.6.1p2 which is why folks are seeing this
change in behavior now.)


More information about the openssh-unix-dev mailing list