130355 – sshd config contains specific LDAP servers enabled for authentication

Bug 130355 - sshd config contains specific LDAP servers enabled for authentication

Summary: sshd config contains specific LDAP servers enabled for authentication

Status:	RESOLVED DUPLICATE of bug 130354

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Auditing (show other bugs)
Hardware:	All Linux

Importance:	High critical (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-04-18 05:55 UTC by Aquila
Modified:	2007-01-06 17:10 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aquila 2006-04-18 05:55:54 UTC

The current stable sshd config specifies LDAP servers for authentication and enables those. That seems like a very bad idea to me, users might unwillingly allow authentication against external servers. 
Excuse me if this is not a problem, I just want to be sure.

Comment 1 Stefan Cornelius (RETIRED) gentoo-dev

2006-05-14 05:41:54 UTC

lcars, please have a look, thx

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-05-14 09:32:17 UTC

Reassinging to security since bug-wranglers cannot see security restricted bugs.

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-05-14 09:34:37 UTC

And now actually reassigning.

Comment 4 Andrea Barisani (RETIRED) gentoo-dev

2006-05-14 20:32:26 UTC

This is not the case anymore, can you please provide more information?

Check bug http://bugs.gentoo.org/show_bug.cgi?id=130354, is that the case?

What servers are you seeing? And if so please re-emerge openssh and see if that's
the case.

thx

Comment 5 Aquila 2006-05-14 23:49:30 UTC

Indeed bug #130354 describes the same problem.

*** This bug has been marked as a duplicate of 130354 ***