ssh daemon fails to call pam when user does not exist in /etc/passwd
Darren Tucker
dtucker at zip.com.au
Tue Jun 15 19:52:35 EST 2004
Darren Tucker wrote:
[about PAM without getpwnam()]
> I posted a patch for this a while back (attached). It's only been
> lightly tested but it's worth a try.
Correction: this patch will cause PAM to be called for
keyboard-interactive in that case (so it won't leak information about
whether or not the account is permitted to log in) but it still won't
actually permit the login.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list