Date: Thu, 15 Jan 2004 02:24:47 +0100 From: Didier Wiroth <didier.wiroth@mcesr.etat.lu> To: freebsd-questions@freebsd.org Subject: sshd, how is this possible, security bug? Message-ID: <130d319f1f.19f1f130d3@etat.lu>
next in thread | raw e-mail | index | archive | help
Hi, using freebsd 5.2 release. Below you can see what is not commented out in my sshd_config file, which is almost the default: #$FreeBSD: src/crypto/openssh/sshd_config,v 1.33 2003/09/24 19:20:23 des Exp $ #VersionAddendum FreeBSD-20030924 Protocol 2 ListenAddress x.y.z.x LoginGraceTime 60 PubkeyAuthentication yes PasswordAuthentication no PermitEmptyPasswords no PrintMotd yes PrintLastLog yes AllowGroups ssh Banner /usr/local/etc/ssh/banner Subsystem sftp /usr/libexec/sftp-server I'm using ssh windows client version 3.2.9 from: http://www.ssh.com I get a passphrase prompt, I enter xyz, press enter, than I'm prompted to enter my "password", I enter the password and I have my prompt: me@mypc: Is this a security bug, a misconfiguration or what? I thought I had disabled password authentication with: PasswordAuthentication no thx a lot
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?130d319f1f.19f1f130d3>