Date: Thu, 14 Mar 2002 14:48:59 +0000 From: Rasputin <rasputin@shikima.mine.nu> To: "Matthew D. Fuller" <fullermd@over-yonder.net> Cc: security@freebsd.org Subject: Re: sshd UseLogin option Message-ID: <20020314144859.A13371@shikima.mine.nu> In-Reply-To: <20020313102831.M57293@over-yonder.net>; from fullermd@over-yonder.net on Wed, Mar 13, 2002 at 10:28:31AM -0600 References: <xzpg034a843.fsf@flood.ping.uio.no> <20020313102831.M57293@over-yonder.net>
next in thread | previous in thread | raw e-mail | index | archive | help
* Matthew D. Fuller <fullermd@over-yonder.net> [020313 16:29]: > On Wed, Mar 13, 2002 at 02:51:40PM +0100 I heard the voice of > Dag-Erling Smorgrav, and lo! it spake thus: > > Could someone please explain to me why we don't use sshd's UseLogin > > option by default? I know that there was a security hole related to > > that option recently, but that's not a real reason - security holes > > can show up anywhere - so is there anything that makes UseLogin a > > particularly bad idea? > > On a side note, it sure would be nifty if UseLogin actually used login(1), > which it didn't last I checked. Noticed-by: /etc/login.access strangely > not applying to ssh connections. I think that's fixed now - I was able to bounce incoming ssh session using login.access last month, anyway. -- "You can bring any calculator you like to the midterm, as long as it doesn't dim the lights when you turn it on." -- Hepler, Systems Design 182 Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020314144859.A13371>