bugzilla-daemon at mindrot.org
2003-May-06 00:08 UTC
[Bug 486] "PermitRootLogin no" can implicitly reveal root password
http://bugzilla.mindrot.org/show_bug.cgi?id=486 cjwatson at debian.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Additional Comments From cjwatson at debian.org 2003-05-06 10:08 ------- This has reoccurred as of 3.6.1p2. With 3.6.1p1, there was no delay for a root login when PermitRootLogin was off regardless of whether the supplied password was correct or not. With 3.6.1p2 and "PermitRootLogin no", an incorrect password for root incurs a delay while a correct password does not. (Apologies if this should have been a new bug.) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 486] New: "PermitRootLogin no" can implicitly reveal root password
- [Bug 486] "PermitRootLogin no" can implicitly reveal root password
- [Bug 995] PermitRootLogin by IP address block specification
- "PermitRootLogin no" should not proceed with root login
- PermitRootLogin=yes no longer lets root login