On Tue, 20.05.03, mla <wyl_lyf@xxxxxxxxx> wrote: > users using it in login, etc. I noticed that even if I used an invalid > user it returns authentication failed which should have been pam_user_unknown. > did I miss something here? I dunno why its doing this. I think this was done as a security precaution. authentication failed leads to a delay that is different from pam_user_unknown. If you now analyse response times for remote authentication attempts (say ssh) you can easily differentiate between an existing and non-existing user, which in turn can be used to brute-force usernames on the remote machine. cya, Nils -- Nils Juergens | ju@xxxxxxxxxxxxxxxxxx Having problems sending big files over the net? Try out Efisto (http://efisto.rnbhq.org). _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
