OpenSSH 3.7.1 compatibility problems on Linux
James Bourne
jbourne at hardrock.org
Sat Sep 20 03:49:07 EST 2003
> Stanislav Malyshev <stas at zend.com> writes:
> > With newer clients, using protocol 1 gives very strange greeting - first
> > Password:
> > Response:
>
> This is PAM mediated through ssh1's TIS authentication feature.
IMHO, this should be a single prompt, not 2 seperate prompts and BTW, this
comes from the client NOT the server. The "Response: " portion is actually
completely superfluous output...
Also, this only happens when connecting to a newer version server. For
example, connecting to a server running 3.7.1p1 you get the second prompt,
but connecting to a server with a patched 3.1p1 (ala Red Hat) from the same
host using the same client, you get user at host's password:
With other older clients (putty < 0.53) you can not authenticate at all!
> > and then if password not given, <user>@<hostname>'s password:
>
> This is regular ssh1 password authentication.
>
> > Authentication with the latter never works, however works with the former.
>
> If password authentication fails when you type the correct password,
> you probably did something wrong at build time (like disable shadow
> passwords).
No actually, it is some incompatability with clients which do not support
"keyboard-interactive" authentication.
Was this intended breakage or accidental breakage?
Regards
James Bourne
> DES
> --
> Dag-Erling Smørgrav - des at des.no
--
James Bourne | Email: jbourne at hardrock.org
Unix Systems Administrator | WWW: http://www.hardrock.org
Custom Unix Programming | Linux: The choice of a GNU generation
----------------------------------------------------------------------
"All you need's an occasional kick in the philosophy." Frank Herbert
More information about the openssh-unix-dev
mailing list