ssh and root on 4.10 = password discovery (maybe)
Tig
tigger at onemoremonkey.com
Wed Jul 21 06:22:05 PDT 2004
On Wed, 21 Jul 2004 14:12:45 +0200 (CEST)
Konrad Heuer <kheuer2 at gwdg.de> wrote:
>
> I roughly remember to have read about that problem for older versions
> of OpenSSH.
>
> But on my 4.10 boxes, there's no problem. Looks always like this,
> correct and incorrect password given:
>
> % ssh root at box
> root at boxes's password:
> Permission denied, please try again.
> root at boxes's password:
> Permission denied, please try again.
>
> Version:
>
> % ssh -V
> OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
> 0x0090704f
>
> Best regards
>
> Konrad Heuer (kheuer2 at gwdg.de) ____ ___ _______
> GWDG / __/______ ___ / _ )/ __/ _ \
> Am Fassberg / _// __/ -_) -_) _ |\ \/ // /
> 37077 Goettingen /_/ /_/ \__/\__/____/___/____/
> Germany
>
Well, this is strange. The 5.2.1 box and the 4.10 box both have the same
sshd_conf options, however the OpenSSH versions are different (but
expected)
5.2.1
OpenSSH_3.6.1p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
0x0090703f
4.10
OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
0x0090704f
Do you have any non-default settings to disable remote root access on
your 4.10 box? This 4.10 box was recently upgraded from 4.9 (using
cvsup), maybe I missed something is all I can think of.
-Tig
More information about the freebsd-security
mailing list