Date: Thu, 19 Feb 2004 13:33:49 +0100 From: Sven Pfeifer <sven@yagonna.de> To: freebsd-security@freebsd.org Subject: Re: secuirty bug with /etc/login.access Message-ID: <20040219123349.GB23725@yagonna.de> In-Reply-To: <20040219120450.1854b521@piglet.goo> References: <20040219120450.1854b521@piglet.goo>
index | next in thread | previous in thread | raw e-mail
Hi Tig,
Tig <tigger@onemoremonkey.com> wrote:
[...]
> So, I tested it over ssh from a remote box
>
> tigger@piglet:~% ssh ray@sonic.cbnmediaX.com.au
> Password:
> Password:
> Password:
> ray@sonic.cbnmediaX.com.au's password:
> Last login: Sat Feb 14 12:29:45 2004 from dsl-38.226.240.
[...]
> (I'm 100% sure I typed the password correct each time)
> As you can see, I'm denied access each time until the 'ray@sonic...'
> option is presented, then I'm allowed in.
this looks like, you have configured
PasswordAuthentication yes
and
Protocol 2,1
in your servers /etc/ssh/sshd_config. So your client is trying to
authenticate to the _local_ id-File. If this is failing (3 times) then
it tries the PasswordAuthentication at the _remote_ maschine. So i
think you typed in the wrong password for your _local_ id-File and
the fourth time at the "ray@sonic.cbnmediaX.com.au's password:"
prompt you typed in the correct password for user ray at host
sonic.cbnmediX.com.au.
[...]
> -Tig
HTH
Sven
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040219123349.GB23725>