sshd, how is this possible, security bug?
Didier Wiroth
didier.wiroth at mcesr.etat.lu
Wed Jan 14 17:24:51 PST 2004
Hi,
using freebsd 5.2 release.
Below you can see what is not commented out in my sshd_config file, which is almost the default:
#$FreeBSD: src/crypto/openssh/sshd_config,v 1.33 2003/09/24 19:20:23 des Exp $
#VersionAddendum FreeBSD-20030924
Protocol 2
ListenAddress x.y.z.x
LoginGraceTime 60
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
PrintMotd yes
PrintLastLog yes
AllowGroups ssh
Banner /usr/local/etc/ssh/banner
Subsystem sftp /usr/libexec/sftp-server
I'm using ssh windows client version 3.2.9 from:
http://www.ssh.com
I get a passphrase prompt, I enter xyz, press enter, than I'm prompted to enter my "password", I enter the password and I have my prompt:
me at mypc:
Is this a security bug, a misconfiguration or what?
I thought I had disabled password authentication with: PasswordAuthentication no
thx a lot
More information about the freebsd-questions
mailing list