[Bug 2876] PAM_TEXT_INFO and PAM_ERROR_MSG conversation not honoured during PAM authentication
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Jun 13 17:44:41 AEST 2018
https://bugzilla.mindrot.org/show_bug.cgi?id=2876
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at dtucker.net
--- Comment #3 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Damien Miller from comment #1)
> You should try disabling password authentication and using
> keyboard-interactive authentication instead, as it allows
> informational prompts.
Looking at the code, I think it's the case for keyboard-interactive
too:
sshpam_query([...]
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
/* accumulate messages */
len = plen + mlen + 2;
[etc]
I think it's that way because the same conversation function had to
handle both Protocol 2 keyboard-interactive and Protocol 1 TIS
challenge-response. The latter is fairly limited, but is now
(mercifully) gone.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list