similar to: [Bug 486] "PermitRootLogin no" can implicitly reveal root password

http://bugzilla.mindrot.org/show_bug.cgi?id=486 Summary: "PermitRootLogin no" can implicitly reveal root password Product: Portable OpenSSH Version: 3.5p1 Platform: All OS/Version: Linux Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at

http://bugzilla.mindrot.org/show_bug.cgi?id=486 cjwatson at debian.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Additional Comments From cjwatson at debian.org 2003-05-06 10:08

http://bugzilla.mindrot.org/show_bug.cgi?id=387 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Additional Comments From markus at openbsd.org 2003-02-07 08:16

http://bugzilla.mindrot.org/show_bug.cgi?id=387 ------- Additional Comments From markus at openbsd.org 2002-08-22 06:27 ------- hm, the logoutput from the server would be more helpfull. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=914 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |971 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1326 Summary: Allow non-public-key credentials in authorized_keys file (Kerberos, etc.) Product: Portable OpenSSH Version: 4.4p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Kerberos support

https://bugzilla.mindrot.org/show_bug.cgi?id=2164 Bug ID: 2164 Summary: PermitRootLogin=without-password as default Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: All Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

Steps to reproduce: 1) PermitRootLogin no in sshd_config 2) login with "root" user from other host Present behaviour: 1) it asks for password 3 times and only then close the connection. 2) cpu consumption during bruteforce "attacks". Expected behaviour: Immediate disconnect/login fail Workaround is to change ssh port, or ban IP after some login fails, or limit IP that can

On Mac OS, in order to allow ssh using dsa keys, I would copy ~/.ssh/id_dsa.pub from my machine into ~/.ssh/authorized_keys of the target machine. I've created .ssh directories in my account home as well as in /root and copied the respective keys to authorized_keys files in each. Strangely, I can now ssh as root with no password but my own user account still prompts for a password. What

Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config:

On Tue, Jul 17, 2018 at 6:22 PM, Damien Miller <djm at mindrot.org> wrote: > > > On Tue, 17 Jul 2018, Rob Marshall wrote: > >> Hi, >> >> I built OpenSSH 7.7p1-1 to try to include some security fixes for an old OS >> version (SLES 10). We use a special PAM module for root to allow us to >> provide auto-expiring passwords. There is, however, one root

http://bugzilla.mindrot.org/show_bug.cgi?id=701 Summary: With 'PermitRootPassword without-password' set, root w/pass can still log in with a using 'keyboard-int/pam' Product: Portable OpenSSH Version: 3.7.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority:

Hi there ! I have an issue with my OpenSSH + PAM configuration on a RedHat Advanced server 2..1 I want to authenticate users connecting to a server using ssh against a radius server. The radius client/server part works ok when I test it with some utilities. I think I have a problem with my ssh which does not pass the username/password to my pam sshd module. I have upgraded to openssh-4.2p1.

Hi! I want to change the sshd port at install for centos7 but i am not sure if i am on the good track (and it is time expensive to make many try-outs).. So, i would be grateful if someone with experience can spot if i have problems with my planning.. (the actual purpose is that after installation i have access for my ansible provisioning) first make sure ssh is started services

https://bugzilla.samba.org/show_bug.cgi?id=12576 Bug ID: 12576 Summary: popt aliases allow users to bypass sudo argument restrictions Product: rsync Version: 3.1.3 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee:

All: I have a problem connecting Openssh 3.0.2p1 on Solaris 8 using hostname authentication for non-root users. When I connect to the sshd from a second machine as root it works fine using HostbasedAuthentication, but it always fails with non-root users. I suspect that I am having a permissions problem somewhere, but I'll be damned if I can figure out where. Any and all help

http://bugzilla.mindrot.org/show_bug.cgi?id=1155 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |1199 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

On Sat, 2015-02-21 at 23:36 +0000, Philip Hands wrote: > I'm glad to say that the default for the Debian package Unfortunately, Debian overdid it quite a lot and also set a number of not so smart (respectively security-critical) defaults: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765632 So it's like 1:1 ;-) Cheers, Chris. -------------- next part -------------- A non-text

http://bugzilla.mindrot.org/show_bug.cgi?id=822 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |884 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=325 markus at openbsd.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Additional Comments From markus at openbsd.org 2002-08-22