Bad Password - #010#012#015#177INCORRECT : ssh -> pam -> libpam_sqlite -> sqlite3

Ángel González keisial at
Thu Mar 6 09:28:51 EST 2014

For future archive searchers:
> Why does OpenSSH replaces the password entered by the user with the
> bad password - "\b\n\r\177INCORRECT

There are some situations where sshd determines a user can't log in. 
Typical samples of that are DenyUsers or PermitRootLogin.
In those cases sshd *still* calls PAM, so that delays set by it are 
still performed to the user (without leaking info about accounts 
existing, disabled, etc.). But in order to ensure it can't succeed, 
replaces the password with that impossible one.

More information about the openssh-unix-dev mailing list