Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0
Nick Chi
nickhychi at yahoo.com.hk
Mon Nov 3 17:29:20 EST 2003
Hi all,
I found that OpenSSL 3.7.1p2 has problem with PAM
(HP-UX) system (with setting of account deacticating
by 3 invalid login attempts).
User enters wrong password more than twice through
SSH, his/her account will not be deactivated.
User enters wrong password more than twice through
FTP, his/her account will be deactivated . However,
only further FTP session is blocked. SSH session can
be established even the account is deactivated.
Besides, I deactivate an account through SAM, both new
FTP and SSH sessions will be blocked.
I check that there is no such problem in OpenSSH
3.4p1.
Any comments / suggestions?
Thanks.
Best Regards,
Nick CHI
_________________________________________________________
兩個人的幸運、亂世佳人、遇見...
浪漫鈴聲 情心連繫
http://ringtone.yahoo.com.hk/
More information about the openssh-unix-dev
mailing list