From owner-freebsd-questions Wed Dec 19 6:56: 5 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by hub.freebsd.org (Postfix) with ESMTP id 8645137B416 for ; Wed, 19 Dec 2001 06:55:49 -0800 (PST) Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by cactus.fi.uba.ar (8.11.6/8.11.6) with ESMTP id fBJEsYj44527; Wed, 19 Dec 2001 11:54:34 -0300 (ART) (envelope-from fgleiser@cactus.fi.uba.ar) Date: Wed, 19 Dec 2001 11:54:34 -0300 (ART) From: Fernando Gleiser To: Scott Aitken Cc: Subject: Re: Accepting passwords of greater length than stored In-Reply-To: <001001c1889c$142417f0$0a01010a@merry> Message-ID: <20011219115222.G43096-100000@cactus.fi.uba.ar> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 20 Dec 2001, Scott Aitken wrote: > Hi all, > Does any know why when SSHing to a FreeBSD 4.4-STABLE box succeeds when you > enter a password LONGER than the password on the system? The initial part > must match the password, but it doesn't seem to matter if you just keep on > typing. > I assume it also has nothing to do SSH, as ProFTPd suffers from the safe > symptom, but I am unable to test telnet at the moment. I may be wrong, but I remember that in some favors of unix, DES passwords are truncated to 8 chars. Maybe you are using DES for hashing passwords ans this is the problem. Fer > Thanks > Scott > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message