From owner-freebsd-bugs@FreeBSD.ORG Sat Aug 4 17:00:20 2012 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7B443106564A for ; Sat, 4 Aug 2012 17:00:20 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 3A3758FC0A for ; Sat, 4 Aug 2012 17:00:20 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q74H0K3i041758 for ; Sat, 4 Aug 2012 17:00:20 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q74H0KaC041748; Sat, 4 Aug 2012 17:00:20 GMT (envelope-from gnats) Resent-Date: Sat, 4 Aug 2012 17:00:20 GMT Resent-Message-Id: <201208041700.q74H0KaC041748@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Dmitry Kazarov Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C9C491065670 for ; Sat, 4 Aug 2012 16:56:57 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id B487A8FC08 for ; Sat, 4 Aug 2012 16:56:57 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q74Guvqr038189 for ; Sat, 4 Aug 2012 16:56:57 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id q74GuuM1038188; Sat, 4 Aug 2012 16:56:56 GMT (envelope-from nobody) Message-Id: <201208041656.q74GuuM1038188@red.freebsd.org> Date: Sat, 4 Aug 2012 16:56:56 GMT From: Dmitry Kazarov To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: misc/170373: after FreeBSD-SA-11:09.pam_ssh patch the pam_ssh module now requests for PAM key X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2012 17:00:20 -0000 >Number: 170373 >Category: misc >Synopsis: after FreeBSD-SA-11:09.pam_ssh patch the pam_ssh module now requests for PAM key >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Aug 04 17:00:19 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Dmitry Kazarov >Release: 9.1-PRERELEASE >Organization: >Environment: FreeBSD Trudiaga.localdomain 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Sun Jul 29 04:54:44 MSK 2012 root@Trudiaga.localdomain:/var/obj/usr/src/sys/GENERIC amd64 >Description: Since revision 1.47.2.2 pam_ssh began to request for PEM password after SSH passphrase: FreeBSD/amd64 (Trudiaga.localdomain) (ttyv4) login: user SSH passphrase: Enter PEM pass phrase: Last login: Sat Aug 4 13:29:36 on ttyv4 And any key sequence could be specified for successful login. This behavior breaks xscreensaver - it no more capable to unlock screen since request for PEM pass is not handled by it. >How-To-Repeat: >Fix: --- pam_ssh.c.orig 2011-12-11 20:57:27.000000000 +0400 +++ pam_ssh.c 2012-08-04 20:56:18.000000000 +0400 @@ -110,7 +110,7 @@ * with an empty passphrase, and if the key is not encrypted, * accept only an empty passphrase. */ - key = key_load_private(fn, NULL, &comment); + key = key_load_private(fn, "", &comment); if (key != NULL && !(*passphrase == '\0' && nullok)) { key_free(key); return (NULL); >Release-Note: >Audit-Trail: >Unformatted: