In <[🔎] cdeec9051003231036h776b3731k533265dcb52f9f17@mail.gmail.com>, consul tores wrote: >I do not want to create panic, but playing with my Lenny Laptop, >against Squezee and ArchLinux; i got (literaly) access without >password. >Conditions: >New installation in my testing box, from Lenny i was ready to edit >sshd_config after intallation, and i opened a console, i did ssh >root@IP, when ssh asked me for password, i opened a window doing >fish://root@IP, magically i was inside my Squezee or ArchLinux box. >I tested it few times and it was the same thing 1/20 aproximately, i >could not find a logical explanation but it happened. has someone >found something similar? No. I'm also not sure your "Conditions" are clear enough for me to try and replicate. 1. What is "ready to edit", and why does it matter? Do you have the sshd_config file open for read? for write? not open at all? 2. Had you entered your password? Do you have any key-based authentication set up? 3. I'm assuming you are using dolphin or konqueror to connection with "fish://" -- can you reproduce with something non-KDE-specific? -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Attachment:
signature.asc
Description: This is a digitally signed message part.