From owner-freebsd-security@FreeBSD.ORG  Thu Feb 19 04:31:39 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5016316A4CE
	for <freebsd-security@freebsd.org>;
	Thu, 19 Feb 2004 04:31:39 -0800 (PST)
Received: from moutng.kundenserver.de (moutng.kundenserver.de
	[212.227.126.184])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 21EC543D1D
	for <freebsd-security@freebsd.org>;
	Thu, 19 Feb 2004 04:31:39 -0800 (PST)	(envelope-from sven@yagonna.de)
Received: from [212.227.126.179] (helo=mrelayng.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1AtnL8-0000Xu-00
	for freebsd-security@freebsd.org; Thu, 19 Feb 2004 13:31:38 +0100
Received: from [80.146.45.8] (helo=moonrise.intern.yagonna.de)
	by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
	id 1AtnL8-0000n0-00
	for freebsd-security@freebsd.org; Thu, 19 Feb 2004 13:31:38 +0100
Received: by moonrise.intern.yagonna.de (Postfix, from userid 501)
	id ACB7B2143C; Thu, 19 Feb 2004 13:33:49 +0100 (CET)
Date: Thu, 19 Feb 2004 13:33:49 +0100
From: Sven Pfeifer <sven@yagonna.de>
To: freebsd-security@freebsd.org
Message-ID: <20040219123349.GB23725@yagonna.de>
Mail-Followup-To: freebsd-security@freebsd.org
References: <20040219120450.1854b521@piglet.goo>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040219120450.1854b521@piglet.goo>
User-Agent: Mutt/1.4i
X-Organization: YaGonna
X-Location: Wuppertal
X-Provags-ID: kundenserver.de abuse@kundenserver.de
	auth:fc38b4c18c1c0557192e98767c9e60c3
Subject: Re: secuirty bug with /etc/login.access
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Sven Pfeifer <sven@yagonna.de>
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Feb 2004 12:31:39 -0000

Hi Tig,

Tig <tigger@onemoremonkey.com> wrote:

[...]

> So, I tested it over ssh from a remote box
> 
> tigger@piglet:~% ssh ray@sonic.cbnmediaX.com.au
> Password:
> Password:
> Password:
> ray@sonic.cbnmediaX.com.au's password: 
> Last login: Sat Feb 14 12:29:45 2004 from dsl-38.226.240.

[...]
 
> (I'm 100% sure I typed the password correct each time)
> As you can see, I'm denied access each time until the 'ray@sonic...'
> option is presented, then I'm allowed in.

this looks like, you have configured

       PasswordAuthentication yes
and
        Protocol 2,1

in your servers /etc/ssh/sshd_config. So your client is trying to
authenticate to the _local_ id-File. If this is failing (3 times) then
it tries the PasswordAuthentication at the _remote_ maschine. So i
think you typed in the wrong password for your _local_ id-File and
the fourth time at the "ray@sonic.cbnmediaX.com.au's password:"
prompt you typed in the correct password for user ray at host
sonic.cbnmediX.com.au.

[...]

> -Tig

HTH

	Sven