Date: Tue, 11 Feb 2003 21:22:13 -0800 From: Kris Kennaway <kris@obsecurity.org> To: BSD baby <bsd@hitmedia.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: OpenSSH security hole on FreeBSD? Message-ID: <20030212052213.GA31883@rot13.obsecurity.org> In-Reply-To: <20030211194457.A22618@mail.hitmedia.com> References: <20030211194457.A22618@mail.hitmedia.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Tue, Feb 11, 2003 at 07:44:57PM -0800, BSD baby wrote: > TWO major security holes: > > #1 - It won't let me turn off passwords > (PasswordAuthentication no) Don't know about this one. > #2 - It only requires I type the first 8 characters > of my password! (I use 16-character password.) That's because you're using DES passwords, which only allow 8 characters. See login.conf(5). Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+SdoFWry0BWjoQKURAkByAJ92NLjCxrmcTzZlu4fT0NezZmCv/ACbBNfd oj2Kr0LTxmvIXrI+v/tPC2o= =3TuZ -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030212052213.GA31883>