bugzilla-daemon at mindrot.org
2003-Oct-28 13:47 UTC
[Bug 749] Connection is dropped for invalid user
http://bugzilla.mindrot.org/show_bug.cgi?id=749 Summary: Connection is dropped for invalid user Product: Portable OpenSSH Version: -current Platform: Alpha OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: Heinrich.Mislik at univie.ac.at If connecting to a server with an illegal userid und an rsa1 key, the connection is dropped immediatly. Normaly, a wrong username will stay in the auth_loop and keep requesting authentication from the user. The reason is in auth-rsa.c in line 293: /* no user given */ if (pw == NULL) return 0; Invalid users nolonger are passwd as NULL-pointers, a faked pw struct is used instead. This results in a call to temporarily_use_uid(pw) with the faked pw struct, which fails with fatal(). As a patch I tried /* no user given */ if (pw == fakepw()) return 0; which worked, but maybe is not the best solution. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-17 00:19 UTC
[Bug 749] Connection is dropped for invalid user
http://bugzilla.mindrot.org/show_bug.cgi?id=749 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Connection is dropped for |Connection is dropped for |invalid user |invalid user ------- Additional Comments From djm at mindrot.org 2003-11-16 17:19 ------- I couldn't replicate this on Linux or OpenBSD, but the code was problematic. Could you try one of the CVS snapshots? http://www.openssh.com/portable.html#cvs ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-18 14:27 UTC
[Bug 749] Connection is dropped for invalid user
http://bugzilla.mindrot.org/show_bug.cgi?id=749 ------- Additional Comments From Heinrich.Mislik at univie.ac.at 2003-11-18 07:27 ------- I tried openssh-SNAP-20031118.tar.gz and the behavior is now OK. Illegal users are kept in the autloop. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Nov-18 19:43 UTC
[Bug 749] Connection is dropped for invalid user
http://bugzilla.mindrot.org/show_bug.cgi?id=749 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-11-18 12:43 ------- Thanks - fix will be in the next release. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 355] New: No last login message with PrivSep under AIX
- [Bug 444] New: Wrong path to ssh in scp after re-configure
- Puzzled about PAM support in OpenSSH-3.7.1p2
- A question about LDAP Public Key authentication with openssh 9.8p1
- Requirement for sshd account since 4.4p1