Re: Bad Password - #010#012#015#177INCORRECT : ssh -> pam -> libpam_sqlite -> sqlite3

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

For future archive searchers:

Why does OpenSSH replaces the password entered by the user with the
bad password - "\b\n\r\177INCORRECT
There are some situations where sshd determines a user can't log in. Typical samples of that are DenyUsers or PermitRootLogin. In those cases sshd *still* calls PAM, so that delays set by it are still performed to the user (without leaking info about accounts existing, disabled, etc.). But in order to ensure it can't succeed, replaces the password with that impossible one. 

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux