ssh and root on 4.10 = password discovery (maybe)
Konrad Heuer
kheuer2 at gwdg.de
Wed Jul 21 06:33:37 PDT 2004
On Wed, 21 Jul 2004, Tig wrote:
> On Wed, 21 Jul 2004 14:12:45 +0200 (CEST)
> Konrad Heuer <kheuer2 at gwdg.de> wrote:
>
> >
> > I roughly remember to have read about that problem for older versions
> > of OpenSSH.
> >
> > But on my 4.10 boxes, there's no problem. Looks always like this,
> > correct and incorrect password given:
> >
> > % ssh root at box
> > root at boxes's password:
> > Permission denied, please try again.
> > root at boxes's password:
> > Permission denied, please try again.
> >
> > Version:
> >
> > % ssh -V
> > OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
> > 0x0090704f
>
> Well, this is strange. The 5.2.1 box and the 4.10 box both have the same
> sshd_conf options, however the OpenSSH versions are different (but
> expected)
>
> 5.2.1
> OpenSSH_3.6.1p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
> 0x0090703f
>
> 4.10
> OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
> 0x0090704f
>
> Do you have any non-default settings to disable remote root access on
> your 4.10 box? This 4.10 box was recently upgraded from 4.9 (using
> cvsup), maybe I missed something is all I can think of.
Here are the lines of my sshd_config which are uncommented:
PermitRootLogin forced-commands-only
IgnoreRhosts no
RhostsRSAAuthentication yes
HostbasedAuthentication yes
ChallengeResponseAuthentication no
X11Forwarding yes
UsePrivilegeSeparation yes
Compression yes
Subsystem sftp /usr/libexec/sftp-server
Best regards
Konrad Heuer (kheuer2 at gwdg.de) ____ ___ _______
GWDG / __/______ ___ / _ )/ __/ _ \
Am Fassberg / _// __/ -_) -_) _ |\ \/ // /
37077 Goettingen /_/ /_/ \__/\__/____/___/____/
Germany
More information about the freebsd-security
mailing list