Date: Sun, 27 Oct 2013 22:33:56 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Andrei <az@azsupport.com> Cc: freebsd-security@freebsd.org Subject: Re: OpenPAM/SSHD privacy hole (FreeBSD 9.2+ affected) Message-ID: <86txg2mm9n.fsf@nine.des.no> In-Reply-To: <20131027195755.00b0cb2c@azsupport.com> (Andrei's message of "Sun, 27 Oct 2013 19:57:55 %2B0100") References: <20131023135408.38752099@azsupport.com> <1382529986.729788.498652166.90148.2@c-st.net> <86y55emw8a.fsf@nine.des.no> <20131027195755.00b0cb2c@azsupport.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrei <az@azsupport.com> writes: > In /etc/pam.d/sshd from: > auth required pam_unix.so no_warn try_first= _pass > to: > auth required pam_unix.so no_warn try_first_pass authtok_prompt > > Right? auth required pam_unix.so no_warn try_first_pass authtok_prompt=3D"Password= :" BTW, I recently noticed that try_first_pass doesn't work as documented (and hasn't for ten years), but I haven't had time to fix it yet. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86txg2mm9n.fsf>