Date: Tue, 15 Nov 2011 21:53:05 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Guy Helmer <guy.helmer@palisadesystems.com> Cc: freebsd-security@freebsd.org Subject: Re: Possible pam_ssh bug? Message-ID: <861ut9rtu6.fsf@ds4.des.no> In-Reply-To: <98001F9B-0B96-4D17-9EAE-08B12A1C1C75@palisadesystems.com> (Guy Helmer's message of "Tue, 15 Nov 2011 10:39:31 -0600") References: <98001F9B-0B96-4D17-9EAE-08B12A1C1C75@palisadesystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Guy Helmer <guy.helmer@palisadesystems.com> writes: > I have a shell user who is able to login to his accounts via sshd on > FreeBSD 8.2 using any password. The user had a .ssh/id_rsa and > .ssh/id_rsa.pub key pair without a password but nullok was not > specified, so I think this should be considered a bug. Agreed. Not quite sure how to fix it, but I'll look into it and try to get a patch in before 9.0. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?861ut9rtu6.fsf>