--df+09Je9rNq3P+GE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 11, 2002 at 12:20:24AM +0400, Solar Designer wrote: >=20 > Not really. PAM keyboard interactive authentication is not relevant > to PAM password changing, and should be disabled (unless there's > another reason to use it). really? the documentation is a bit vague on this. > Finally, I did a patch to re-enable password changes, without the > nasty side effect which was the reason to disable that code, for the > non-privsep case in the OpenSSH 3.4p1 package in Owl (our distribution, > http://www.openwall.com/Owl/). The patch is freely available as a > part of Owl (in the native tree). To this message I've attached just > the two patches relevant to making password changing work again in > 3.4p1. Our OpenSSH package contains many other patches (11 total). is there any way to fix it for the privsep case? since it seems clear that sshd is full of holes turning off privsep is a very bad idea. --=20 Ethan Benson http://www.alaska.net/~erbenson/ --df+09Je9rNq3P+GE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj0tMjAACgkQJKx7GixEevzlzACfXCu9q5K4kB/BOPSeFlSFAPbU G5YAoIixqr8V9g74m+SZgh6Z4KZAnqo+ =+ZqX -----END PGP SIGNATURE----- --df+09Je9rNq3P+GE--
