Problem found in OpenSSH 3.7.1p2 with OpenSSL 0.9.7c installation on HP-UX11.0

Nick_Chi at manulife.com Nick_Chi at manulife.com
Fri Nov 7 12:39:04 EST 2003


Dear Sir.

I am using Darren's HP patches.
Thanks.

Rgds,

Nick CHI
Regional Technology Team,
Regional I.T.,
I.T. Asia,
Manulife International Limited
Tel: (852) 2510 3273
Fax: (852) 2510 0244
Email: Nick_Chi at manulife.com


                                                                                                              
                                                                                                              
                                         To:     Nick_Chi at manulife.com                                        
                    The Alchemist        cc:     openssh-unix-dev at mindrot.org                                 
                    <nospam at magest       Subject:     Re: Problem found in OpenSSH 3.7.1p2 with OpenSSL       
                    ower.net>             0.9.7c installation on HP-UX11.0                                    
                                                                                                              
                    11/06/2003                                                                                
                    08:59 PM                                                                                  
                                                                                                              
                                                                                                              




*This message was transferred with a trial version of CommuniGate(tm) Pro*
Are you using Darren's HP patches?  Also, are these trusted or untrusted
configurations?

Nick_Chi at manulife.com wrote:

>*This message was transferred with a trial version of CommuniGate(tm) Pro*
>Hi all,
>
>I found that OpenSSL 3.7.1p2 has problem with PAM (HP-UX) system (with
>setting of account deacticating by 3 invalid login attempts).
>
>User enters wrong password more than twice through SSH, his/her account
>will not be deactivated.
>
>User enters wrong password more than twice through FTP, his/her account
>will be deactivated . However, only further FTP session is blocked. SSH
>session can be established even the account is deactivated.
>
>Besides, I deactivate an account through SAM, both new FTP and SSH
sessions
>will be blocked.
>
>I check that there is no such problem in OpenSSH 3.4p1.
>
>Any comments / suggestions?
>
>Thanks.
>
>Best Regards,
>
>Nick CHI
>Regional Technology Team,
>Regional I.T.,
>I.T. Asia,
>Manulife International Limited
>Tel: (852) 2510 3273
>Fax: (852) 2510 0244
>Email: Nick_Chi at manulife.com
>
>==========================================================
>
>This message is confidential and may also be privileged.  If you are not
>the intended recipient, please notify me by return e-mail and delete this
>message from your system.  If you are not the intended recipient, any use
>by you of this message is strictly prohibited.
>
>
>_______________________________________________
>openssh-unix-dev mailing list
>openssh-unix-dev at mindrot.org
>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>






==========================================================

This message is confidential and may also be privileged.  If you are not
the intended recipient, please notify me by return e-mail and delete this
message from your system.  If you are not the intended recipient, any use
by you of this message is strictly prohibited.




More information about the openssh-unix-dev mailing list