bugzilla-daemon at mindrot.org
2003-Sep-24 11:42 UTC
[Bug 713] PAM and "PermitRootLogin without-password" still allows root password login
http://bugzilla.mindrot.org/show_bug.cgi?id=713
Summary: PAM and "PermitRootLogin without-password" still
allows
root password login
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: PAM support
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: iand at ekit-inc.com
With 3.7.1p1 and 3.7.1p2 (at least) on Solaris 7, 8 (at least), enabling UsePAM
with "PermitRootLogin without-password" still allows root logins with
password
authentication. (compiled --with-pam)
Disabling UsePAM works to restore expected behaviour; ie: password
authentication
fails as it should, which is my workaround, but I want to use PAM in the
future.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Sep-24 12:01 UTC
[Bug 713] PAM and "PermitRootLogin without-password" still allows root password login
http://bugzilla.mindrot.org/show_bug.cgi?id=713 ------- Additional Comments From djm at mindrot.org 2003-09-24 22:01 ------- When you use PAM you are not using password authentication anymore. You should control root auth in PAM using the pam_rootok or pam_listfile modules. perhaps we need a README.PAM file... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.