Possible pam_ssh bug?
Dag-Erling Smørgrav
des at des.no
Tue Nov 15 20:53:07 UTC 2011
Guy Helmer <guy.helmer at palisadesystems.com> writes:
> I have a shell user who is able to login to his accounts via sshd on
> FreeBSD 8.2 using any password. The user had a .ssh/id_rsa and
> .ssh/id_rsa.pub key pair without a password but nullok was not
> specified, so I think this should be considered a bug.
Agreed. Not quite sure how to fix it, but I'll look into it and try to
get a patch in before 9.0.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list