AuthenticationMethods in sshd_config accepting empty method list
mvadkert
mvadkert at redhat.com
Thu Jun 19 22:56:49 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everyone,
I just came across a contradiction between the man page of AuthenticationMethods and the accepted
methods list.
According to the sshd_config manual page:
"""
AuthenticationMethods
Specifies the authentication methods that must be successfully completed for a user to be granted
access. This option must be followed by one or more comma-separated lists of authentication method
names. Successful authentication requires completion of every method in at least one of these lists.
""""
But in reality the also an empty list is accepted by sshd (servconf.c:1605).
What is the reason to accept an empty method list? Does the man page need an update?
Thanks and best regards,
/M
- --
Miroslav Vadkerti :: Red Hat s.r.o, Purkyňova 99/71, 612 45, Brno, Czech Republic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTot4RAAoJEBliWhMliBCHoHsH/21Z8JGah1BByms9mO4dkT9k
YLmykqWcUjopNwk2FykYVPm3K8RFO4zV45hha26v8Qdh3TpNjuQED0HuqBrtfY5H
8qZOsz1FNb9Ayi/+k3+Sgo7IJtO71XkLGFphsQLhnbntbD+wQt1nqIYRdBmZzN1n
aV6KJOUaBVoVllFuAv9vINMQtMSc98Jas4ZPeShoTtzvEoRxrEP81PbNvXVHy6d8
zk8il2YUPPtd03k2CuDHmou+Lhb9NtG4PepsD3e1loLMwSqgT6X3Y5AGMkBmJ/2m
bzuqJlxLOZ8k/b0PeBtixAMUbgS2Z0Ku2NsAxID+4iEBxIVOD5AZj6ZUKAX6yMI=
=Ogu3
-----END PGP SIGNATURE-----
More information about the openssh-unix-dev
mailing list