login(1) doesn't enforce times.allow/times.deny over ssh(1)
Farid Hajji
me at farid-hajji.de
Sun Jul 20 13:27:40 PDT 2003
On Sunday 20 July 2003 09:38 pm, Doug White wrote:
> On Sun, 20 Jul 2003, Farid Hajji wrote:
> > When using ssh, I'm not trying public/private keys,
> > just plain unix passwords. Doesn't ssh access login(1)
> > in this case?
>
> sshd does not use login unless requested to do so by the UseLogin config
> parameter.
Yessss, that was it.
> There have been security vulnerabilities exposed by using this option in
> the past. You have been warned :)
So we need an additional pam module for such policy
settings. That's reasonable.
Many thanks.
--
Farid Hajji. http://www.farid-hajji.net/address.html
More information about the freebsd-current
mailing list