On Tue, 1 Mar 2022, Damien Miller wrote: > We're not aware of any security problems in OpenSSH 8.6 that could yield > access to a locked account like this. I'd just add that if an attacker did have a sshd 0-day, then burning it only to send spam seems amazingly profligate... -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
