Re: SSH permits root-Logins with wrong password
On Wed, Jun 16, 2004 at 05:43:32PM +0200, Frank Niedermann wrote:
<snip>
>
> If I try to use 'x' as wrong password, ssh won't let me in:
> root@dettlx18's password:
> Permission denied (publickey,password,keyboard-interactive).
>
> Just as I would expect it. If I use a longer or similar password as the
> real root password, ssh will let me log in, example:
> real root password = linux4me -> success :)
> fake root password = fun4linux -> success! :(
>
> The ssh package version:
> ii ssh 3.8p1-3 Secure rlogin/rsh/rcp replacement (OpenSSH)
>
> Any idea about that behavor?
Do you have public keys installed on that server? If you have a key with
one password which is different from root's password on that machine, it
can explain this behavior.
HTH.
--
Hamilton Coutinho | panic("Aarggh: attempting to free lock with
hamiltonc@via-rs.net | active wait queue - shoot Andy");
Porto Alegre - RS - Brasil | 2.0.38 /usr/src/linux/fs/locks.c
Reply to: