bugzilla-daemon at mindrot.org
2003-May-11 02:07 UTC
[Bug 442] sshd allows login via public-key when account locked
http://bugzilla.mindrot.org/show_bug.cgi?id=442 ------- Additional Comments From dtucker at zip.com.au 2003-05-11 12:07 ------- Further info: it appears that in later patch sets, Solaris 8 and 9 now check the password string against *LK* in PAM and deny access even for non-password authentications (eg rhosts). http://groups.google.com/groups?as_umsgid=3ebcff1a%240%2449101%24e4fe514c%40news .xs4all.nl http://groups.google.com/groups?as_umsgid=3ebd1d6e%240%2449115%24e4fe514c%40news .xs4all.nl The last patch is probably broken now, I'm trying to find out if it's worth updating. What's the feeling on a) whether we want to do this and b) if the implementation is acceptable. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 442] sshd allows login via public-key when account locked
- [Bug 442] New: sshd allows login via public-key when account locked
- [Bug 442] sshd allows login via public-key when account locked
- [Bug 442] sshd allows login via public-key when account locked
- Locked account and logging in with public key