Bug#238699: Debian bugs: sshd - PAM and password auth: fixed upstream

To: 242119@bugs.debian.org, Bastian Blank <waldi@debian.org>, 238699@bugs.debian.org, Giacomo Mulas <gmulas@ca.astro.it>, 247521@bugs.debian.org, Daniel Whelan <merlin@ophelan.com>, 250369@bugs.debian.org, Marc Haber <mh+debian-bugs@zugschlus.de>
Subject: Bug#238699: Debian bugs: sshd - PAM and password auth: fixed upstream
From: Darren Tucker <dtucker@zip.com.au>
Date: Thu, 01 Jul 2004 09:29:20 +1000
Message-id: <[🔎] 40E34CD0.2070104@zip.com.au>
Reply-to: Darren Tucker <dtucker@zip.com.au>, 238699@bugs.debian.org

Hi.
	Please excuse the multi-update, these bugs are somewhat related.

The upstream bug [1] for Debian bugs #242119, #238699, #247521, #250369is now fixed in upstream's CVS.

The patch attached to the bug re-adds PasswordAuthentication via PAM.Note that this uses a "blind" conversation that will fail if you haveanything beyond simple password authentication; however this is the bestthat can be done within SSH's password authentication method. If youneed more comprehensive PAM support, set PasswordAuthentication=no anduse ChallengeResponse/keyboard-interactive.


[1] http://bugzilla.mindrot.org/show_bug.cgi?id=874

(If you're going to backport the patch, there's a couple of otherrelated patches in CVS that are not attached to the bug).


--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Reply to:

Prev by Date: Normal User cannot log on
Next by Date: Bug#237272: Debian bug #237272: ssh: PAM session modules and privsep=no
Previous by thread: Normal User cannot log on
Next by thread: Bug#237272: Debian bug #237272: ssh: PAM session modules and privsep=no
Index(es):
- Date
- Thread