Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM

To: debian-devel@lists.debian.org
Subject: Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
From: Carlos Laviola <claviola@debian.org>
Date: Sun, 11 Aug 2002 04:16:49 -0300
Message-id: <[🔎] 20020811071649.GB8398@laviola.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20020811064350.GA18265@lina.inka.de>
References: <[🔎] E17diLC-0000V6-00@jones.argon.org> <[🔎] pzptwqysjw.fsf@eeyore.ibcinc.com> <[🔎] 20020811045929.88C45850B@lyta.coker.com.au> <[🔎] 20020811062731.GA26506@stradivarius.ressukka.net> <[🔎] 20020811064350.GA18265@lina.inka.de>

On Sun, Aug 11, 2002 at 08:43:50AM +0200, Bernd Eckenfels wrote:
> On Sun, Aug 11, 2002 at 09:27:31AM +0300, Sami Haahtinen wrote:
> > I argee with Russell that the package should come with a BIG warning
> > sign.
> 
> well, if you have writ access to the users home you can always take over his
> account. For example a trojan .bashrc. It would be a bit more easy with ssh
> pam, but not much more. I do not think we should warn the user in debconf
> time. But we should not enable the module on default.

A trojaned .bashrc is different.  You can do a lot by messing with one's
.bashrc, but being able to change one's own password is a unique power.

-- 
Carlos Laviola   < claviola@debian.org >
Debian GNU/Linux <http://www.debian.org>

Reply to:

References:
- Bug#156257: ITP: libpam-ssh -- <Roderick> I didn't write it, I'm just working on it. It authenticates you by u
  - From: Roderick Schertler <roderick@argon.org>
- Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
  - From: Roderick Schertler <roderick@argon.org>
- Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
  - From: Russell Coker <russell@coker.com.au>
- Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
  - From: ressu@ressukka.net (Sami Haahtinen)
- Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
  - From: Bernd Eckenfels <lists@lina.inka.de>

Prev by Date: Re: Accepted sdl-image1.2 1.2.2-1 (i386 source)
Next by Date: Archive link at the end of each post?
Previous by thread: Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
Next by thread: Re: Bug#156257: ITP: libpam-ssh -- SSH key authentication and single sign-on via PAM
Index(es):
- Date
- Thread