Displaying 20 results from an estimated 20000 matches similar to: "[Bug 486] "PermitRootLogin no" can implicitly reveal root password"
2003 Feb 06
2
[Bug 486] New: "PermitRootLogin no" can implicitly reveal root password
http://bugzilla.mindrot.org/show_bug.cgi?id=486
Summary: "PermitRootLogin no" can implicitly reveal root password
Product: Portable OpenSSH
Version: 3.5p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at
2003 May 06
0
[Bug 486] "PermitRootLogin no" can implicitly reveal root password
http://bugzilla.mindrot.org/show_bug.cgi?id=486
cjwatson at debian.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From cjwatson at debian.org 2003-05-06 10:08
2003 Feb 06
4
[Bug 387] command="" in authorized_keys fails when sshd_config has "PermitRootLogon forced-commands-only"
http://bugzilla.mindrot.org/show_bug.cgi?id=387
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From markus at openbsd.org 2003-02-07 08:16
2002 Aug 21
3
[Bug 387] command="" in authorized_keys fails when sshd_config has "PermitRootLogon forced-commands-only"
http://bugzilla.mindrot.org/show_bug.cgi?id=387
------- Additional Comments From markus at openbsd.org 2002-08-22 06:27 -------
hm, the logoutput from the server would be more helpfull.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2005 Jan 11
11
[Bug 914] [RELENG] Bugs planned to be fixed *after* 3.9
http://bugzilla.mindrot.org/show_bug.cgi?id=914
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |971
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2007 Jun 28
5
[Bug 1326] New: Allow non-public-key credentials in authorized_keys file ( Kerberos, etc.)
http://bugzilla.mindrot.org/show_bug.cgi?id=1326
Summary: Allow non-public-key credentials in authorized_keys file
(Kerberos, etc.)
Product: Portable OpenSSH
Version: 4.4p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Kerberos support
2013 Oct 23
7
[Bug 2164] New: PermitRootLogin=without-password as default
https://bugzilla.mindrot.org/show_bug.cgi?id=2164
Bug ID: 2164
Summary: PermitRootLogin=without-password as default
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2015 Feb 21
2
"PermitRootLogin no" should not proceed with root login
Steps to reproduce:
1) PermitRootLogin no in sshd_config
2) login with "root" user from other host
Present behaviour:
1) it asks for password 3 times and only then close the connection.
2) cpu consumption during bruteforce "attacks".
Expected behaviour:
Immediate disconnect/login fail
Workaround is to change ssh port, or ban IP after some login fails, or
limit IP that can
2010 Feb 02
5
Passwordless ssh
On Mac OS, in order to allow ssh using dsa keys, I would copy
~/.ssh/id_dsa.pub from my machine into ~/.ssh/authorized_keys of the
target machine. I've created .ssh directories in my account home as
well as in /root and copied the respective keys to authorized_keys
files in each.
Strangely, I can now ssh as root with no password but my own user
account still prompts for a password. What
2003 Nov 13
1
SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE
Wonder if you guys could help me out...have a security problem with sshd
wich enables a user to do a password login tough the sshd_config states
PasswordAuthentication no
My config works fine in both gentoo and openbsd 3.3 but users are able to
login with tunneled clear text passwords in both 4.9 and 5.1
Im lost.tried everything I can think of.
Here is the config:
2018 Jul 18
2
root can login to console but not via ssh
On Tue, Jul 17, 2018 at 6:22 PM, Damien Miller <djm at mindrot.org> wrote:
>
>
> On Tue, 17 Jul 2018, Rob Marshall wrote:
>
>> Hi,
>>
>> I built OpenSSH 7.7p1-1 to try to include some security fixes for an old OS
>> version (SLES 10). We use a special PAM module for root to allow us to
>> provide auto-expiring passwords. There is, however, one root
2003 Sep 22
4
[Bug 701] With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam'
http://bugzilla.mindrot.org/show_bug.cgi?id=701
Summary: With 'PermitRootPassword without-password' set, root
w/pass can still log in with a using 'keyboard-int/pam'
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority:
2006 Jan 20
1
openssh-4.2p1 + Pam question !
Hi there !
I have an issue with my OpenSSH + PAM configuration on a RedHat Advanced server 2..1
I want to authenticate users connecting to a server using ssh against a radius server. The radius client/server part works ok when I test it with some utilities.
I think I have a problem with my ssh which does not pass the username/password to my pam sshd module.
I have upgraded to openssh-4.2p1.
2016 Feb 17
3
centos7 :: ks.cfg :: customisation of sshd
Hi! I want to change the sshd port at install for centos7 but i am not sure
if i am on the good track (and it is time expensive to make many try-outs)..
So, i would be grateful if someone with experience can spot if i have problems
with my planning.. (the actual purpose is that after installation i have access
for my ansible provisioning)
first make sure ssh is started
services
2017 Feb 11
12
[Bug 12576] New: popt aliases allow users to bypass sudo argument restrictions
https://bugzilla.samba.org/show_bug.cgi?id=12576
Bug ID: 12576
Summary: popt aliases allow users to bypass sudo argument
restrictions
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
Assignee:
2002 Jan 07
1
Non-root hostname auth problem
All:
I have a problem connecting Openssh 3.0.2p1 on Solaris 8 using hostname
authentication for non-root users. When I connect to the sshd from a
second machine as root it works fine using HostbasedAuthentication, but it
always fails with non-root users.
I suspect that I am having a permissions problem somewhere, but I'll be
damned if I can figure out where.
Any and all help
2006 Jun 23
14
[Bug 1155] [META] Bug planned to be fixed for the 4.4 release
http://bugzilla.mindrot.org/show_bug.cgi?id=1155
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |1199
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2015 Feb 21
2
PermitRootLogin default (was: "PermitRootLogin no" should not proceed with root login)
On Sat, 2015-02-21 at 23:36 +0000, Philip Hands wrote:
> I'm glad to say that the default for the Debian package
Unfortunately, Debian overdid it quite a lot and also set a number of
not so smart (respectively security-critical) defaults:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765632
So it's like 1:1 ;-)
Cheers,
Chris.
-------------- next part --------------
A non-text
2004 Jun 25
11
[Bug 822] [RELENG] Bugs planned to be fixed for 3.9
http://bugzilla.mindrot.org/show_bug.cgi?id=822
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
BugsThisDependsOn| |884
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Aug 21
0
[Bug 325] PermitRootLogin forced-commands-only & privsep - not working together
http://bugzilla.mindrot.org/show_bug.cgi?id=325
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From markus at openbsd.org 2002-08-22