Date: Sun, 27 Oct 2013 22:50:16 +0100 From: Andrei <az@azsupport.com> To: freebsd-security@freebsd.org, des@des.no Subject: Re: OpenPAM/SSHD privacy hole (FreeBSD 9.2+ affected) Message-ID: <20131027225016.3cdab10e@azsupport.com> In-Reply-To: <86txg2mm9n.fsf@nine.des.no> References: <20131023135408.38752099@azsupport.com> <1382529986.729788.498652166.90148.2@c-st.net> <86y55emw8a.fsf@nine.des.no> <20131027195755.00b0cb2c@azsupport.com> <86txg2mm9n.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 27 Oct 2013 22:33:56 +0100 Dag-Erling Sm=C3=B8rgrav <des@des.no> wrote: > Andrei <az@azsupport.com> writes: > > In /etc/pam.d/sshd from: > > auth required pam_unix.so no_warn > > try_first_pass to: > > auth required pam_unix.so no_warn try_first_pass authtok_prompt > > > > Right? >=20 > auth required pam_unix.so no_warn try_first_pass > authtok_prompt=3D"Password:" >=20 > BTW, I recently noticed that try_first_pass doesn't work as documented > (and hasn't for ten years), but I haven't had time to fix it yet. You might be surprised, but authtok_prompt=3D"Password:" have same results = as just authtok_prompt. Empty screen and no "Password:" prompt. FreeBSD 9.2 tested. Kind regards, Andrei.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131027225016.3cdab10e>