From owner-freebsd-security Mon Jul 16 19:50:52 2001 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id BCC3F37B40F for ; Mon, 16 Jul 2001 19:48:07 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 403 invoked by uid 1000); 17 Jul 2001 02:48:01 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 17 Jul 2001 02:48:01 -0000 Date: Mon, 16 Jul 2001 21:48:01 -0500 (CDT) From: Mike Silbersack To: Shila Ofek Cc: , Subject: Re: OpenSSH UseLogin parameter In-Reply-To: Message-ID: <20010716214440.G314-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 16 Jul 2001, Shila Ofek wrote: > > I'm working with OpenSSH-2.2.0 on FreeBSD 4.2, and from a look at the code > it doesn't work with PAM. The only reminder of PAM in the code is in file > auth1.c: > #ifdef HAVE_LIBPAM > int pam_retval; > #endif /* HAVE_LIBPAM */ > and that's it... > > Should I recompile the SSH daemon with some flag or something, or do I have > the wrong version? PAM was added along with openssh 2.3.0 in FreeBSD 4.3. But PAM isn't the main reason you should upgrade. You should upgrade because you're running a remotely exploitable version of OpenSSH! Please subscribe to the security advisories. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message