Bug#240506: Debian bug #240506: possible solution

To: 240506@bugs.debian.org, Klaus Ethgen <Klaus@Ethgen.de>
Subject: Bug#240506: Debian bug #240506: possible solution
From: Darren Tucker <dtucker@zip.com.au>
Date: Thu, 01 Apr 2004 14:34:59 +1000
Message-id: <[🔎] 406B9BF3.9000804@zip.com.au>
Reply-to: Darren Tucker <dtucker@zip.com.au>, 240506@bugs.debian.org

Hi.

With the upstream changes to OpenSSH, in order to actually use PAM forauthentication, you need to enable ChallengeResponseAuthentication, andyou probably should disable PasswordAuthentication.

PasswordAuthentication will work against the contents of /etc/shadow(actually, whatever getspnam() returns) if UsePAM is enabled. In thiscase the authentication is against /etc/shadow, but the PAM account andsession modules are still used.

Debian Maintainer: perhaps the package should warn about this, if itdoesn't already?


--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Reply to:

Prev by Date: Bug#73611: Need someone in your life
Next by Date: Bug#239999: Debian bug #239999: an explanation of the cause
Previous by thread: Bug#73611: Need someone in your life
Next by thread: Bug#239999: Debian bug #239999: an explanation of the cause
Index(es):
- Date
- Thread