Date: 15 Mar 2002 19:18:19 -0700 From: John-David Childs <freebsd@nterprise.net> To: Dag-Erling Smorgrav <des@ofug.org> Cc: security@FreeBSD.ORG Subject: Re: sshd UseLogin option Message-ID: <1016245112.5568.15.camel@lohr.digitalglobe.com> In-Reply-To: <xzpg034a843.fsf@flood.ping.uio.no> References: <xzpg034a843.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Keeping UseLogin off allows for more controlled environments, e.g.
environments where users might not have a shell account...but still
require a valid shell for sftp and scp.
Also, for those who care...
From session.c
if (options.use_login) {
packet_send_debug("X11 forwarding disabled; "
"not compatible with UseLogin=yes.");
return 0;
On Wed, 2002-03-13 at 06:51, Dag-Erling Smorgrav wrote:
> Could someone please explain to me why we don't use sshd's UseLogin
> option by default? I know that there was a security hole related to
> that option recently, but that's not a real reason - security holes
> can show up anywhere - so is there anything that makes UseLogin a
> particularly bad idea?
>
> DES
> --
> Dag-Erling Smorgrav - des@ofug.org
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1016245112.5568.15.camel>