Pending OpenSSH release, call for testing.
Robert Dahlem
Robert.Dahlem at gmx.net
Mon Aug 16 00:02:35 EST 2004
On Thu, 12 Aug 2004 23:55:20 +1000, Darren Tucker wrote:
> OpenSSH is getting ready for a release soon, so we are asking for
>all interested parties to test a snapshot.
> Changes include:
>* PAM password authentication has been (re)added.
I tested this on Solaris 8/sparc with all current recommended patches.
As far as I can see everything works fine.
I'm currently in the process of implementing something like an intruder
lockout mechanism based on some hacking to pam_tally.so from Linux-PAM-
0.77. Please do not comment that this is an invitation to DOS attacks. I
know it. The suits won't understand and call it "a known risk".
I would expect any text to appear on the client terminal that the server
sends through the PAM conversation function with msg_type PAM_ERROR_MSG
or PAM_TEXT_INFO. Well, at least with telnet this works already. But who
wants telnet anyway? :-)
By some fiddling with debug() I can prove that the text sent by the PAM
module is seen by sshpam_passwd_conv() on the server side, but I can't
see that text on the client side. Can anyone please give me a pointer
where to look?
Regards,
Robert
More information about the openssh-unix-dev
mailing list